dramacool9.co/
188.114.96.1301 Moved Permanently 0 B IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: dramacool9.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 00:35:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 02 Dec 2022 01:35:57 GMT
Location: https://dramacool9.co/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46mBZurRyFN7QasrwgWg4iHn6%2FC392EmdX9QV1VI5FgcSi7cxxpz56wG4rC41DTmYPjyT6mbppmw%2BXNr8e5FvcLTLNrGhg2vpBd3CcrISMkbQGaJuDinIzDNchfgkZUW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772ffc4c1ddcb4f4-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10462
Expires: Fri, 02 Dec 2022 03:30:19 GMT
Date: Fri, 02 Dec 2022 00:35:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 834
Cache-Control: max-age=122949
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:57 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:45:06 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 00:19:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 967
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6738
Expires: Fri, 02 Dec 2022 02:28:15 GMT
Date: Fri, 02 Dec 2022 00:35:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 44c338c64edd4072687b861957476ad1
bb1d3d8eca99bb830e46cb0d97650021c595d145
89c98ff6cde3d305a9da77a5f784db26b89c28c31f4319a0604581a0576dd3eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:57 GMT
Etag: "6388bc0e-116"
Last-Modified: Thu, 01 Dec 2022 23:36:15 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 278
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: z2nILS+CN9MDvboG1PkV2foQQPObBLfI992m3b+BgvxwV3FzxG0dOpn3WhlADFri3SKvi4+wsFg=
x-amz-request-id: 902WNQKJWRKM77B2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 23:45:51 GMT
age: 3006
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:35:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 44c338c64edd4072687b861957476ad1
bb1d3d8eca99bb830e46cb0d97650021c595d145
89c98ff6cde3d305a9da77a5f784db26b89c28c31f4319a0604581a0576dd3eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:57 GMT
Last-Modified: Thu, 01 Dec 2022 23:36:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
dramacool9.co/
188.114.97.1301 Moved Permanently 162 B IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: dramacool9.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Fri, 02 Dec 2022 00:35:57 GMT
content-type: text/html
location: http://www.dramacool9.co/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7f8xgMyTT%2FCCbdTlAGOKCaCt6GN2uGhttCLq9N3iRgnX8WX2vM9a06GVxr82vx%2FayQQBASvxDh2iIOLTYVxAUdK3qUo4mfNcZIHXejWcnXrA9X68wk%2BCeGwHcgydgm0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc4e5db6b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 00:11:15 GMT
cache-control: public,max-age=3600
age: 1483
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 849
Cache-Control: max-age=117900
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:58 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:20:58 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1
104.17.25.14200 OK 1.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1
IP 104.17.25.14:0
File type ASCII text, with very long lines (3309)
Hash edf1dd25b1ab3d24fbf2444b4061838c
e59cb30ed49d56313ee1f770f6784f5faaa1199f
c31915d8a610a15ca29180348abb37bdaff9d8bde76f13c0e78bc841e633c06e
GET /ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 1120
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-d35"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2529433
expires: Wed, 22 Nov 2023 00:35:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MqSZ%2BI8Xbvqa7TjeaxTwP9j0%2FEeeMpAZJu7YxKHlJTj8kKxagk0cObVc5IWXSkuSv%2ByuwZ9jZPVss7xGFx3rA6RzQ6wLFgqU9s477%2FolWNgrU0BwPpRHoZXLUMIBE%2B020UsEMK9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 772ffc52a8820b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 12 kB IP 93.184.220.29:0
Hash d407a09e85b8b6ac8ca39823bfe60312
55999777532a7757fe966a4513cb5f211635589c
92758a1e225dd8695adcdb6d86deae3ed8a00c7035e68df5aa5077cd4438b82e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3968
Cache-Control: max-age=105927
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:58 GMT
Etag: "638833b6-117"
Expires: Sat, 03 Dec 2022 06:01:25 GMT
Last-Modified: Thu, 01 Dec 2022 04:55:18 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ceda070a9fc7993204ff5483bca5d3f1
efdcf72a7ad19bbecfb22504a1e257b46a9abcb8
ef08948ea83314c78c4938926da4cbe539d2d8817a82a96ee2acfdb8c5f491c2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3968
Cache-Control: max-age=105927
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:58 GMT
Etag: "638833b6-117"
Expires: Sat, 03 Dec 2022 06:01:25 GMT
Last-Modified: Thu, 01 Dec 2022 04:55:18 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ceda070a9fc7993204ff5483bca5d3f1
efdcf72a7ad19bbecfb22504a1e257b46a9abcb8
ef08948ea83314c78c4938926da4cbe539d2d8817a82a96ee2acfdb8c5f491c2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 604
Cache-Control: max-age=102564
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:58 GMT
Etag: "638833b6-117"
Expires: Sat, 03 Dec 2022 05:05:22 GMT
Last-Modified: Thu, 01 Dec 2022 04:55:18 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ceda070a9fc7993204ff5483bca5d3f1
efdcf72a7ad19bbecfb22504a1e257b46a9abcb8
ef08948ea83314c78c4938926da4cbe539d2d8817a82a96ee2acfdb8c5f491c2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3968
Cache-Control: max-age=105927
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:58 GMT
Etag: "638833b6-117"
Expires: Sat, 03 Dec 2022 06:01:25 GMT
Last-Modified: Thu, 01 Dec 2022 04:55:18 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.5 kB IP 142.250.74.131:0
Hash 49567aeac6475f6d11969f39bea526ae
40ae9e22dba5d54e1601e9435426481d7fbfba8c
6123ccb9c22ae9df52af6e241ad8bfe5a0593ead64871de1e1e9eeffc9e58008
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d8516c7c4119452635ad1f6157cf7543
324886bc68c344a121d485d93962d7cdd0430a46
3c43bd29eec037fdf1186e45a4f28d9a21a3d46772edadc355999da2b89d508c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C43BD29EEC037FDF1186E45A4F28D9A21A3D46772EDADC355999DA2B89D508C"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1065
Expires: Fri, 02 Dec 2022 00:53:43 GMT
Date: Fri, 02 Dec 2022 00:35:58 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-131447009-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-131447009-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash f6eebe2076083b6fde94feef192077f8
a3e96073e81d8c789e63fd5a3e7496f1c31b904f
a3fb8dfa1d72430cb1a16101839a12c2b3d77977e3c4a3b5b7d7e837cdbeb185
GET /gtag/js?id=UA-131447009-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 00:35:58 GMT
expires: Fri, 02 Dec 2022 00:35:58 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43577
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f995cd5e287e29d262a6cfb662c43138
f80a5a28b07de053d9cb70302801229202f5747d
c22fd239b11d0bdbabf76b2294783d1c7730d608c5c9d1ef223df145ca7bc229
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22FD239B11D0BDBABF76B2294783D1C7730D608C5C9D1EF223DF145CA7BC229"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8828
Expires: Fri, 02 Dec 2022 03:03:06 GMT
Date: Fri, 02 Dec 2022 00:35:58 GMT
Connection: keep-alive
cenaclesuccoth.com/1clkn/16782
172.255.6.58200 OK 26 B URL HTTP/1.1 cenaclesuccoth.com/1clkn/16782
IP 172.255.6.58:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/16782 HTTP/1.1
Host: cenaclesuccoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 00:35:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sat, 03-Dec-2022 00:35:58 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Sat, 03-Dec-2022 00:35:58 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
push.services.mozilla.com/
52.41.91.37101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.91.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QVp0OZL5OpxG8d5tRlE6vg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Veg3lO43UxZSamY2LeRhJRzGE0U=
cdn.purpleads.io/agent.js?publisherId=b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
143.204.55.67200 OK 14 kB URL HTTP/2 cdn.purpleads.io/agent.js?publisherId=b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
IP 143.204.55.67:0
File type Unicode text, UTF-8 text, with very long lines (55480), with no line terminators
Hash a3bfc94d9e4a8dd2d5b78ad5fa404ae5
e217a54a2287525807532aef1ad9aaff2bba5be1
a2abcf9d6141c7aa9c628e99def49a14b3532ec215015822cdb348cb82da186c
GET /agent.js?publisherId=b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 13848
last-modified: Thu, 24 Nov 2022 08:42:09 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 01:22:54 GMT
etag: "a3bfc94d9e4a8dd2d5b78ad5fa404ae5"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u0YK5k2R08mA5qcSGA6st78lRqUEPYe8A7Ln3ri4lleN6E3J8sVaeA==
age: 83585
X-Firefox-Spdy: h2
js.wpadmngr.com/static/adManager.m.js
45.133.44.25200 OK 35 kB URL HTTP/2 js.wpadmngr.com/static/adManager.m.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash d85c43891c2e2652d1303d8aaa4eb203
e87e9df9c0762e8e37ad1a581338c3627102039a
bbcd8ea9c3dd26c5a96d84c92aafdc1ba23ac237bd04b40aa68d6890bc36d392
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:58 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 30 Nov 2022 13:10:49 GMT
etag: W/"63875659-17718"
content-encoding: gzip
expires: Fri, 02 Dec 2022 00:40:58 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=3133&uuid=802ff45d3b294633810e5ed8eca9f58c&p=61&g=NO&token=4a44335432&tbg=1669941358
104.26.3.107200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=3133&uuid=802ff45d3b294633810e5ed8eca9f58c&p=61&g=NO&token=4a44335432&tbg=1669941358
IP 104.26.3.107:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=3133&uuid=802ff45d3b294633810e5ed8eca9f58c&p=61&g=NO&token=4a44335432&tbg=1669941358 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:58 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mw2spTNDpPM0hrVuqZf49as%2BK9p5pQw60b3Wwta6%2BjWenLwoTgBKiG%2BECedOFohgQWD0QMWKPW%2FqSqW6NUPrPEHPadClxg9wFFmO45SI5uubzlXVXYZqNBnSOAFPJWcm62E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc5448f2b51e-OSL
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6833&uuid=55da96fc8019425785015c424240fb15&p=47&g=NO&token=4a44335432&tbg=1669941358
104.26.3.107200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6833&uuid=55da96fc8019425785015c424240fb15&p=47&g=NO&token=4a44335432&tbg=1669941358
IP 104.26.3.107:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6833&uuid=55da96fc8019425785015c424240fb15&p=47&g=NO&token=4a44335432&tbg=1669941358 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:58 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTs98sOkkkLWDhl8Qq5A1dzOtMlLmmxjYl8jDrRlRFDEaD7OYY6Qn90aMmpqK83p8rXAz4UuM2HtjTh33ENgdSIJqTL88738Wy8LgkYmdCPcUmE243zdJ7MSHNye%2BRUSA9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc5448f0b51e-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash db96aea7c6137a84b51e0a4920c2ae1c
c1f65ce0ffe318d37dbd711a8e3c292bc9c24bf8
eb79be65721739b162a1fc4f85b01e63ed09075ccf8ff77f9605b81e8c21f494
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB79BE65721739B162A1FC4F85B01E63ED09075CCF8FF77F9605B81E8C21F494"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1763
Expires: Fri, 02 Dec 2022 01:05:21 GMT
Date: Fri, 02 Dec 2022 00:35:58 GMT
Connection: keep-alive
na.nawpush.com/tags/20140?version_name=a
45.133.44.25200 OK 6.9 kB URL HTTP/2 na.nawpush.com/tags/20140?version_name=a
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (6862), with no line terminators
Hash fa76147ba713071af50226846bfaf05d
b5c07be0debe8f33e5d487439ffe2471faf73dcc
e2e88a7539980d7ecffacdd5e59800c1ef36f5729af4c6af0582601e95dd1133
GET /tags/20140?version_name=a HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:58 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=3133
104.26.3.107200 OK 16 kB URL HTTP/2 platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=3133
IP 104.26.3.107:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1449), with no line terminators
Hash ed845246cf1b7fd8bafba215e5ace582
583251f15810ac461b16d54a87823debd45c674d
64c89ba257555a9d8f7a39330d89378ac1ce521510c68e12fefe2945d1f9673e
GET /ads.php?domainid=2175&sizeid=2&zoneid=3133 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:58 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ASlq6H1EhotOdSzsRv%2BGN5NNfaZuFvT8vF%2FvmHvN0TGXAlx8NuVN2g3sMpYWtOGDcrZBkQVLLq3r19WZE7nnMllGz%2FWVz9RiQPOH5PkEKp7LmwR1KaZ5Zo17VOVY8AfZp3rtmIg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc535865b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
pixel-dsp.bidgear.com/rec?t=1366&p=1&l1=3272&l2=19737&d1=3187&d2=3188&b=3124&token=b804f8cb56&time=1669941358
104.26.3.107200 OK 1 B URL HTTP/2 pixel-dsp.bidgear.com/rec?t=1366&p=1&l1=3272&l2=19737&d1=3187&d2=3188&b=3124&token=b804f8cb56&time=1669941358
IP 104.26.3.107:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /rec?t=1366&p=1&l1=3272&l2=19737&d1=3187&d2=3188&b=3124&token=b804f8cb56&time=1669941358 HTTP/1.1
Host: pixel-dsp.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: text/plain; charset=utf-8
content-length: 1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfL1UJeByCODeACRL53UamfsSROTq3vZ6XrP2DHUfFLBaUy1Winb6LFZJIqDwoqILFgDnHvI2dUiJZM29ogWY5JZAWTfyPB3LV9ZRaeZcfsrNDGo%2BDOEFkrYmFAX6kWNLvstq8v2%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc55d9e7b51e-OSL
X-Firefox-Spdy: h2
imp-dsp.bidgear.com/rec?viewId=aDWbMMF2XzB001GYOx1caKQHVB000GztKVFIOcf7DYVJB000G3U9Oen68eGkzAtH31yzj2BDJO9mPJMB000GekLM3CPJwWU41eB001GA2gYqXyHONqtKd7loIUvbF9xknuKojw4MLZUzj5iwzzU29YYwbQllLISSBCNeuXKK0k4jgPDQeme8IKU5YjdKzbJ7SMEHsfTRKlVzazksxsAi7OQZEg0dnkzJltZDWT9reQR8KICTy45ySAZdNplcqmPNhgH8i3gkcdbhOQeEGIYPpqUcjgB002GB002G&token=b804f8cb56&time=1669941358
104.26.3.107200 OK 1 B URL HTTP/2 imp-dsp.bidgear.com/rec?viewId=aDWbMMF2XzB001GYOx1caKQHVB000GztKVFIOcf7DYVJB000G3U9Oen68eGkzAtH31yzj2BDJO9mPJMB000GekLM3CPJwWU41eB001GA2gYqXyHONqtKd7loIUvbF9xknuKojw4MLZUzj5iwzzU29YYwbQllLISSBCNeuXKK0k4jgPDQeme8IKU5YjdKzbJ7SMEHsfTRKlVzazksxsAi7OQZEg0dnkzJltZDWT9reQR8KICTy45ySAZdNplcqmPNhgH8i3gkcdbhOQeEGIYPpqUcjgB002GB002G&token=b804f8cb56&time=1669941358
IP 104.26.3.107:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /rec?viewId=aDWbMMF2XzB001GYOx1caKQHVB000GztKVFIOcf7DYVJB000G3U9Oen68eGkzAtH31yzj2BDJO9mPJMB000GekLM3CPJwWU41eB001GA2gYqXyHONqtKd7loIUvbF9xknuKojw4MLZUzj5iwzzU29YYwbQllLISSBCNeuXKK0k4jgPDQeme8IKU5YjdKzbJ7SMEHsfTRKlVzazksxsAi7OQZEg0dnkzJltZDWT9reQR8KICTy45ySAZdNplcqmPNhgH8i3gkcdbhOQeEGIYPpqUcjgB002GB002G&token=b804f8cb56&time=1669941358 HTTP/1.1
Host: imp-dsp.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: text/plain; charset=utf-8
content-length: 1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkQfLy0PFm5UG4BIJY%2B456xER4rGC1eQ9JeafHut4Y4Ih%2F%2BYg0drfJMtq3nc6C6qQho4cL04PfpUCn44dX3Ygua4tT7D25VqCqcCXNCqo5cznzeYYdog1lCqUMYMNmECYsh%2BEbI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc55e9f1b51e-OSL
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=7307&uuid=fb3fd6cec7844eaa8b70940c676eb065&p=17&g=NO&token=4a44335432&tbg=1669941358
104.26.3.107200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=7307&uuid=fb3fd6cec7844eaa8b70940c676eb065&p=17&g=NO&token=4a44335432&tbg=1669941358
IP 104.26.3.107:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=7307&uuid=fb3fd6cec7844eaa8b70940c676eb065&p=17&g=NO&token=4a44335432&tbg=1669941358 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H57XOnGEo1oUFm052rqFJ3DopTFcpJqv9JV0L7cB%2B4D0krNhYovt7IdOGsGs4aHW0KITGyHBuxTsrmA%2F9v53c4xomhT9R%2FwwzCUiresMzVCa43WpUxf8zjJQ9Cs1ucayGz4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc55e9ecb51e-OSL
X-Firefox-Spdy: h2
platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833
104.26.3.107200 OK 277 kB URL HTTP/2 platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833
IP 104.26.3.107:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (590), with no line terminators
Size 277 kB (277079 bytes)
Hash 6d9201925350515c0bd564836de08c90
0b1a710ac2698d4c319318ff299a9fe0071cffca
3229fd7b0e824f2574caa7d4b399e22fb10e67d619727fc9b34b8c9f4b6eb071
GET /ads.php?domainid=2175&sizeid=2&zoneid=6833 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:58 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSU6a7HieANSwINSuUesTOtBRWF0xrEDZnsExnFBQqzu8xPNypn%2BkrVuif%2BiiqZ6D9Cyd%2B5TCo%2FCnX4iAmydlLP0yDQlsQiTdY71RDdQseFyKvJ6pRrXO8AhOxp0XzIEXRge59RW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc533851b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 95bddb967ea61fa9bf1684d9eeff9812
06721f41f93f5a899d6f19c7c4ea2821807f4d73
8d4301f89723c71179acddf592ca18880204caad5ca3dd853ea1aae8a4daffc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D4301F89723C71179ACDDF592CA18880204CAAD5CA3DD853EA1AAE8A4DAFFC4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7556
Expires: Fri, 02 Dec 2022 02:41:55 GMT
Date: Fri, 02 Dec 2022 00:35:59 GMT
Connection: keep-alive
platform.bidgear.com/ads.php?domainid=2175&sizeid=28&zoneid=7307
104.26.3.107200 OK 77 kB URL HTTP/2 platform.bidgear.com/ads.php?domainid=2175&sizeid=28&zoneid=7307
IP 104.26.3.107:0
File type HTML document, ASCII text, with very long lines (823), with no line terminators
Hash 62f863239797a1f7a9b4f8294554e917
82d3d7d9fafbc84a59832eb7520810cddb74ed8a
a350f99bea28ec47f60eab4fcf898eb62d3d0f45f6bd0e629987c56ab7a9f43f
GET /ads.php?domainid=2175&sizeid=28&zoneid=7307 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSSA2n3pv48xJNrhKlfmq2mxah0jyEH8SWjtXHNDQuQBkKO%2BmWbIp0h5YgyJR5S4Y%2F62SOHmc5hqjKoAIAVWWhilWqvUu3goU0iEkdlDpd04A6nZqeGTxCe4zEEHSHWMprZArf2g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc533858b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.wpadmngr.com/static/adManager.js
45.133.44.25200 OK 80 kB URL HTTP/2 js.wpadmngr.com/static/adManager.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash 7bd5c34c9245cd54c1fbfe73638d51fc
4bcdda8e759c8a50689e7370c3c1cf7d1dce95dd
66909a37be300739e1c7b503aaf2ec682ee408b62ba384ced44256aa0d81a25c
GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:58 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
etag: W/"62ce6b94-4e2"
content-encoding: gzip
expires: Fri, 02 Dec 2022 00:40:58 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
205.185.216.10200 OK 86 kB URL HTTP/2 cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (65020)
Hash 700d1de734b4979c4c3059b613e9d7b1
0a7d2ad10cba258cfc2e0376240852a4ae5f4012
2031fbefbf1b070dcf0ebb746438e628fdd59c7daac6952000ef9056b7294eb6
GET /prebid-video-7.22.0-2022-10-26.gz.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
content-encoding: gzip
content-length: 86507
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 13:24:00 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "700d1de734b4979c4c3059b613e9d7b1"
cache-control: max-age=31536000
x-amz-request-id: tx0000000000001178867eb-00635934f6-34c6886a-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1669941359.dop020.sk1.t,1669941359.cds071.sk1.hn,1669941359.cds218.sk1.c
X-Firefox-Spdy: h2
tags.h12-media.com/load2.js
154.51.131.137200 OK 98 kB URL HTTP/2 tags.h12-media.com/load2.js
IP 154.51.131.137:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 23a5f46fa4ce325c30a3be4a2aef0c01
ca5893e62be0bce6884ec6ba96ea657b3724dff4
3ca6aee82460751181b5037387ed29a0316eaa3cefb66262be18497fbb64fb31
GET /load2.js HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 20:29:09 GMT
accept-ranges: bytes
etag: "86b5363fc3fad81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 02 Dec 2022 00:35:58 GMT
content-length: 98011
X-Firefox-Spdy: h2
demand.bidgear.com/tag?z=1366&k=63033dbf298c0
104.26.3.107200 OK 3.5 kB URL HTTP/2 demand.bidgear.com/tag?z=1366&k=63033dbf298c0
IP 104.26.3.107:0
File type ASCII text, with very long lines (1855), with no line terminators
Hash cd6be16088ea84ce958e741149bda949
25d609321d4f0cf9644ee8e1d7c1b8bdcfaf2f09
637118bd84eaba2e45aec2f6a32d6d831bad9e6e1ac136f6fe9a17965569b8e0
GET /tag?z=1366&k=63033dbf298c0 HTTP/1.1
Host: demand.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:58 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _dsp_8_bg=U5531632fd0f349bf81957c271577f289; Domain=bidgear.com; Expires=Sat, 02 Dec 2023 00:35:58 GMT; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMohSiOmslx4FblZtraTc5CiqbqKDeXM3pNnh%2Bu4s2kiCy76f3%2Fz5n11BOx656ye9BKHO5PaW%2FfLmP3FQOKmABtC269PtbQMCEBAOM3eL85%2FUGZbo%2BMOqDYLkQpB7QIsE8ZaCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc546907b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1669941357232
52.204.242.76200 OK 89 B URL HTTP/2 api.purpleads.io/x/init?ts=1669941357232
IP 52.204.242.76:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0d87ef7e4d600d371efb20b85aad5249
c1ffdba7ff82c34dde36160a00417c2669dd8d3c
0922db680b6951385301ea921f64357700c286ed20d1a16beaf95ee8486d1b43
GET /x/init?ts=1669941357232 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.2.13
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8=
Authorization: Bearer b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: application/json; charset=utf-8
content-length: 89
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: 8bc35ad0-5a44-42ec-8ccc-498cdcf95a95
etag: W/"59-wf/bp/+Cw03eNhYKAEF8JmndjTw"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a40e191e2c32caa23c7ec1abea39e991
b03456fefb0156a48fae623cdc3c444c44d2481e
23abf43db4e7fafcd42f2114b823179fa4119c04f317cd0ee8c395e0688778cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5979
Cache-Control: max-age=120158
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:59 GMT
Etag: "63886372-117"
Expires: Sat, 03 Dec 2022 09:58:37 GMT
Last-Modified: Thu, 01 Dec 2022 08:18:58 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 288f039d0a39bcd3d5395f035a3553cb
f71de6917a331e4b839de8e107d2020ea3d61d26
d7ce8c2d5a18473d7f9424a3c00fb09796790b9c59b088489b595ea83a5845f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7CE8C2D5A18473D7F9424A3C00FB09796790B9C59B088489B595EA83A5845F3"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9694
Expires: Fri, 02 Dec 2022 03:17:33 GMT
Date: Fri, 02 Dec 2022 00:35:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a40e191e2c32caa23c7ec1abea39e991
b03456fefb0156a48fae623cdc3c444c44d2481e
23abf43db4e7fafcd42f2114b823179fa4119c04f317cd0ee8c395e0688778cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5979
Cache-Control: max-age=120158
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:59 GMT
Etag: "63886372-117"
Expires: Sat, 03 Dec 2022 09:58:37 GMT
Last-Modified: Thu, 01 Dec 2022 08:18:58 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 86a12dbe6ec4108e05854b5760fb131b
6d1abccdbeb8536890093cb7eb60b65be31b1ec0
4f59b344c88d910835173a70f7d07c40488573c03fa0274d9b4d6cc66567c423
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F59B344C88D910835173A70F7D07C40488573C03FA0274D9B4D6CC66567C423"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5816
Expires: Fri, 02 Dec 2022 02:12:55 GMT
Date: Fri, 02 Dec 2022 00:35:59 GMT
Connection: keep-alive
api.purpleads.io/x/b/?idx=1&pid=eaa2a942d81344e6b14436884d7be463&sizes=[[160,600],[120,600]]&slotid=8ab20543-cc32-43ad-be83-cb31468640ea&ts=1669941357484
52.204.242.76200 OK 2.0 kB URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=eaa2a942d81344e6b14436884d7be463&sizes=[[160,600],[120,600]]&slotid=8ab20543-cc32-43ad-be83-cb31468640ea&ts=1669941357484
IP 52.204.242.76:0
Hash 52448d5d0cbc774bf108aa1cdb9d19bd
090c91e8be82a1452a51b5e250773543bba2890d
8bf3874b306f260fab008b5c8f27b4e1a8da2f0e05055b0e7b8c1a4ecbe7d7c5
GET /x/b/?idx=1&pid=eaa2a942d81344e6b14436884d7be463&sizes=[[160,600],[120,600]]&slotid=8ab20543-cc32-43ad-be83-cb31468640ea&ts=1669941357484 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.2.13
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8=
Authorization: Bearer b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: 33adfc3d-04c2-4219-9389-27ca9f2be79b
etag: W/"d22-2+LuWezVhw9bEtE7Kzbx5nsMXo8"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
f.h12-media.com/?init=1&rnd=0.16765382123557282
188.114.96.1200 OK 305 B URL HTTP/2 f.h12-media.com/?init=1&rnd=0.16765382123557282
IP 188.114.96.1:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f43f9a8bcabfc628bf966f14bccc2be5
dca27e2ea9ec1be2d3e44b97e64cf0e2a5072a44
6b2f686fead1dcc6811bc662cd9a71a4dc3e02e17066dda75425f932999d0b6e
GET /?init=1&rnd=0.16765382123557282 HTTP/1.1
Host: f.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: application/json; Charset=UTF-8
cache-control: max-age=3600,private
vary: Accept-Encoding
access-control-allow-origin: *
x-powered-by: ASP.NET, ARR/3.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXFzSwVRUE6OvYEOl%2BDmrMno6tbBJoXwXlulFDFAWNo7P%2FKTnctMZT8mEyZ%2BAFBsmO3a%2BO41BieOyOWNw5SYBsmdsNmwDEAZH642JJZ1ToXSlpFxWqyVVRM%2FaN1yaS4CjN0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc592ece0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.itskiddien.club/apu.php?zoneid=5290228
139.45.197.236200 OK 140 kB URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5290228
IP 139.45.197.236:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 140 kB (139971 bytes)
Hash d3d4aa81130bf504697fda5fd5669f74
d74b83aceeec57d1617d0212abe239b47bcbdbea
ff0caf86e86a4e6f66b047c58e3709c75fa144d733bfa7e6077c379f45f7d0ca
GET /apu.php?zoneid=5290228 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: application/javascript
x-trace-id: 1055efbcf535e14e170de23863fd9f58
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=5dcdc0ef204f46bea9cbf9600ca7fa46; expires=Sat, 02 Dec 2023 00:35:59 GMT; path=/; secure; SameSite=None
oaidts=1669941359; expires=Sat, 02 Dec 2023 00:35:59 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=20140
157.90.84.242204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=20140
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=20140 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 00:35:59 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.dramacool9.co
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11245
Expires: Fri, 02 Dec 2022 03:43:24 GMT
Date: Fri, 02 Dec 2022 00:35:59 GMT
Connection: keep-alive
notification.tubecup.net/tags?tag_id=20140&timezone_olson=UTC&version_name=a
168.119.25.64200 OK 6.9 kB URL HTTP/2 notification.tubecup.net/tags?tag_id=20140&timezone_olson=UTC&version_name=a
IP 168.119.25.64:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (6852), with no line terminators
Hash ca6cfb253bfb5c17f2bf1b0c8f807e06
cc7cc3086029273c7c1906cff83214e57e2ca79b
1f034ecbf88b785feddcbc592787572e7ea1b383c8ca3b26b338acdde544aa6b
GET /tags?tag_id=20140&timezone_olson=UTC&version_name=a HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: application/json
content-length: 6852
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d67b82fd176a5e5d8e1743fbf8c48171
e33065dcc94da79f01bd54451d70be2733e14f65
5c0c2d29914170bd250f517e0705474679fcab7ec48710490c9672d630e7c1be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6411
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:59 GMT
Last-Modified: Thu, 01 Dec 2022 22:49:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 8e45cce02ff4e9031f4e32a307ec2e90
b9a6e524217442844a844b36b4ca75e2e7507c8c
5fcae2aa4b0e064d179a4b8b553979d45ed49ecdaa94282a899e712b86a1426b
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=74727c1ee4f347b18d0f6fd1cd8bf93c; expires=Sat, 02 Dec 2023 00:35:59 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 638c970d5d48ad931f97ce3f1043863c
a8ffd94ec75999137b26851ccbd027ee005a851c
4326f029ffddd31764863f22fd8baa8d84f4b04babeb11c157f6e64d044450d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 439
Cache-Control: max-age=137668
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:59 GMT
Etag: "6388bd7d-116"
Expires: Sat, 03 Dec 2022 14:50:27 GMT
Last-Modified: Thu, 01 Dec 2022 14:43:09 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
fp.metricswpsh.com/fp?tag_id=20140
157.90.84.242200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=20140
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=20140 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22287
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 00:35:59 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
Set-Cookie: id=11310820867438315233; Expires=Sat, 02 Dec 2023 00:35:59 GMT; Secure; SameSite=None
Vary: Origin
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e7f182bc423c8e0b694072f316dfbf3c
cea3572598e1b5c8c5249cabf5ea99e56dc7e02d
02b4ac24bfa51f27fc2e507fb5d923751a9f6566eb98f3b8255a7d05f42d85c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 00:35:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 12:52:22 GMT
Expires: Thu, 08 Dec 2022 12:52:21 GMT
Etag: "cea3572598e1b5c8c5249cabf5ea99e56dc7e02d"
Cache-Control: max-age=561981,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772ffc59e809b4f9-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 802d503df43173829f9560ea12ed3a43
e7f6a924a8019e67b41a01f3f2d611a7daab1212
64c6207aa52e3e458e4647c7cd2567961e1a7f3ff877dff542e242f9c7ec53d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 729
Cache-Control: max-age=92954
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:59 GMT
Etag: "63880db0-1d7"
Expires: Sat, 03 Dec 2022 02:25:13 GMT
Last-Modified: Thu, 01 Dec 2022 02:13:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c0776af9d2ec5a96c4ea4954a2f7d27
59dcf8597359ad2749abff82f1dcf8bdf33c32f1
3f173a5b7d52a98eb9adad7835b24a268ec55827ac20cc3ef96a2b3f2bc8fe0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 645
Cache-Control: max-age=93249
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:59 GMT
Etag: "63880f2b-1d7"
Expires: Sat, 03 Dec 2022 02:30:08 GMT
Last-Modified: Thu, 01 Dec 2022 02:19:23 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ea195f2ba94234dbc8901541d17a12c5
4a4002d69d134960b7dad44c5a1ab4549ca57159
660c5e09ee37a4926166d2f81be838c5bf23582790bca3f9b8fbb3b51ebb8262
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "660C5E09EE37A4926166D2F81BE838C5BF23582790BCA3F9B8FBB3B51EBB8262"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3877
Expires: Fri, 02 Dec 2022 01:40:36 GMT
Date: Fri, 02 Dec 2022 00:35:59 GMT
Connection: keep-alive
tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2227138%22%2C%22topurl%22%3A%22https%3A%2F%2Fwww.dramacool9.co%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22fsvby6cbsn%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A5%2C%22hourofday%22%3A0%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1268%2C939%5D%2C%22ddims%22%3A%5B1268%2C3196%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B149%2C3187%5D%2C%22pwidth%22%3A%5B100%2C970%2C1268%5D%2C%22pheight%22%3A%5Bnull%2C0%2C3196%5D%2C%22maxwidth%22%3A1268%2C%22maxheight%22%3A939%7D&rnd=0.8007612170551879
154.51.131.137200 OK 25 kB URL HTTP/2 tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2227138%22%2C%22topurl%22%3A%22https%3A%2F%2Fwww.dramacool9.co%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22fsvby6cbsn%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A5%2C%22hourofday%22%3A0%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1268%2C939%5D%2C%22ddims%22%3A%5B1268%2C3196%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B149%2C3187%5D%2C%22pwidth%22%3A%5B100%2C970%2C1268%5D%2C%22pheight%22%3A%5Bnull%2C0%2C3196%5D%2C%22maxwidth%22%3A1268%2C%22maxheight%22%3A939%7D&rnd=0.8007612170551879
IP 154.51.131.137:0
File type ISO-8859 text, with very long lines (10181), with CRLF line terminators
Hash fe5d133f83697a3b390df50cf89e068e
6821f80e2002772aefd95e5152caa14ec2fab34c
67f595cf0873a2e6f083a11b2b04bb52ea92822758f435943ffb13da944da6ae
GET /v3/tags.js?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2227138%22%2C%22topurl%22%3A%22https%3A%2F%2Fwww.dramacool9.co%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22fsvby6cbsn%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A5%2C%22hourofday%22%3A0%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1268%2C939%5D%2C%22ddims%22%3A%5B1268%2C3196%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B149%2C3187%5D%2C%22pwidth%22%3A%5B100%2C970%2C1268%5D%2C%22pheight%22%3A%5Bnull%2C0%2C3196%5D%2C%22maxwidth%22%3A1268%2C%22maxheight%22%3A939%7D&rnd=0.8007612170551879 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: 7thMile=db1ea844%2Db3c0%2D467c%2D9637%2De3d348998e63; Max-Age=5000000; Domain=.h12-media.com; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin:
srg-x: x-.138
x-powered-by: ARR/3.0
date: Fri, 02 Dec 2022 00:35:59 GMT
content-length: 25102
X-Firefox-Spdy: h2
b1h-euc1.zemanta.com/api/bidder/prebid/bid/
213.227.153.220204 No Content 0 B URL HTTP/1.1 b1h-euc1.zemanta.com/api/bidder/prebid/bid/
IP 213.227.153.220:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/bidder/prebid/bid/ HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 483
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 867
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: max-age=0, private, must-revalidate
date: Fri, 02 Dec 2022 00:35:59 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.90200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.90:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 31dfa797c8c0333e660a23e9a372cf70
59693d7c78582857ea5fe1e332917d1d91317402
4180470ff347b6387a4592077314c12c94bd7ff835a0fd0e0d74f01177727f5d
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 618
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:35:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
AN-X-Request-Uuid: a4f899d2-2b87-454d-af07-7983fd74e307
Set-Cookie: icu=ChkI8aWIARAKGAEgASgBMO-QpZwGOAFAAUgBEO-QpZwGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:35:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5621019129390598734; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:35:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
api.purpleads.io/x/b/?idx=0&pid=eaa2a942d81344e6b14436884d7be463&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=7aee423e-bceb-4c0e-9b66-94d009570cac&ts=1669941357483
52.204.242.76200 OK 12 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=eaa2a942d81344e6b14436884d7be463&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=7aee423e-bceb-4c0e-9b66-94d009570cac&ts=1669941357483
IP 52.204.242.76:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
OPTIONS /x/b/?idx=0&pid=eaa2a942d81344e6b14436884d7be463&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=7aee423e-bceb-4c0e-9b66-94d009570cac&ts=1669941357483 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: cda71a12-94e2-4724-a782-dd596a23ce19
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 411
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 02 Dec 2022 00:35:59 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 01 Dec 2022 22:41:08 GMT
expires: Fri, 02 Dec 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 6891
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 183182094f401e75e0a1d58325d28f89
106a3c25d075e12b9aa270e09926078dbd545f06
207c4be3da498b9f45b8035da0aab3fd7c57e54178760c8024d9d50675cc4424
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132014
Date: Fri, 02 Dec 2022 00:35:59 GMT
Etag: "6388a5a2-1d7"
Expires: Sat, 03 Dec 2022 13:16:13 GMT
Last-Modified: Thu, 01 Dec 2022 13:01:22 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JhmqBWkFa8ASZsQk_0RZKvJ0I9eeKpC_BsvyffJhIY_PKMedV0YAAA==
Age: 891
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 4ad57facebf9d41210530e2b3f75a5eb
1734c05cbea5088089655223c45f08424a3775cb
99ce452e5881b749fe8e64ae6de49cec1f76395ad3b223d10c5f73d8555f5e51
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 00:35:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 06:34:09 GMT
Expires: Tue, 06 Dec 2022 06:34:08 GMT
Etag: "1734c05cbea5088089655223c45f08424a3775cb"
Cache-Control: max-age=366488,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772ffc5b98fdb4f9-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7662
Expires: Fri, 02 Dec 2022 02:43:42 GMT
Date: Fri, 02 Dec 2022 00:36:00 GMT
Connection: keep-alive
imasdk.googleapis.com/js/sdkloader/ima3.js
216.58.207.234200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (2791)
Size 127 kB (126620 bytes)
Hash f641dae66d812e803cbfc91d689e2ea8
96372a7ba661528d13bc774536d04ab3e03b82d6
e78b718ac77697fbb92e88ac394141adc4e016830eb04d53279238cbcd65435b
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126620
date: Fri, 02 Dec 2022 00:35:59 GMT
expires: Fri, 02 Dec 2022 00:35:59 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.statcounter.com/counter/counter.js
104.20.218.77200 OK 14 kB URL HTTP/2 www.statcounter.com/counter/counter.js
IP 104.20.218.77:0
File type ASCII text, with very long lines (43632), with no line terminators
Hash bc905e80540ed707a6306d3ed4fe5062
ddfc0cf6c86a82894a39241c5a344d157359fd4e
182a664781ffa59e7818a9beddc4359d89f94897edc39e51c6bf264f395116db
GET /counter/counter.js HTTP/1.1
Host: www.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 01 Dec 2022 18:49:39 GMT
etag: W/"6388f743-aa70"
expires: Fri, 02 Dec 2022 10:49:03 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 6417
server: cloudflare
cf-ray: 772ffc5bff7fb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 9964
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 10029
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 376
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Dec 2022 00:36:00 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e65083422468e512aa73eb68f20b2ec
73884daab5e71e4917637b3679c0bb5a1f0447de
f0d97bb9e3f01bbdbe91ba1f9b6ea0f649c66192383c51fe5c7ca9ac2a38ebdb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9719
x-amzn-requestid: 39981ecd-af22-47a9-842d-40b6b263d715
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZxtjH1CIAMF5zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386fcbc-425aa655559d8a705ad5cd1a;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 06:48:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UF15YGVchuTAGgY-zWYpQbenOUNf4y1CF9TFY0RL0TBxKhb7i2j1eQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 03:43:46 GMT
etag: "73884daab5e71e4917637b3679c0bb5a1f0447de"
content-type: image/jpeg
age: 75134
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.90200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.90:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 61336011def7a69b5e89ab5f7043110a
7adca923e721783976744e440386ca2c9f6eb657
ebeb82410f581e36032ff0848011b37281eaab5878dc3617017e130fa4b184ac
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 562
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:00 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
AN-X-Request-Uuid: a8c3aac6-1281-455e-a8a4-3716ebde66f2
Set-Cookie: icu=ChkI8aWIARAKGAEgASgBMPCQpZwGOAFAAUgBEPCQpZwGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:36:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=8025523448306633496; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:36:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
b1h-euc1.zemanta.com/api/bidder/prebid/bid/
213.227.153.220204 No Content 0 B URL HTTP/1.1 b1h-euc1.zemanta.com/api/bidder/prebid/bid/
IP 213.227.153.220:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/bidder/prebid/bid/ HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 447
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 826
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: max-age=0, private, must-revalidate
date: Fri, 02 Dec 2022 00:35:59 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:20:09 GMT
age: 62151
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F&tmax=3000
3.64.191.9200 OK 4.6 kB URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F&tmax=3000
IP 3.64.191.9:0
File type JSON data\012- HTML document, ASCII text, with very long lines (9405), with no line terminators
Hash 551bae63ed159c06536a733fb40bc6a0
fe90f0b48d9e90eb99fc7557b2275f032a2b3c83
7eaecc6ec90b62d787660c2f04c83ab37fd3279a8cc8b3955eb427df0f28ebe3
POST /header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 382
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/json; charset=utf-8
content-length: 4550
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25c68d8b1fae82820f93efca500fd848
45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:54 GMT
age: 10866
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
104.26.8.169304 Not Modified 0 B IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 02 Dec 2022 00:36:00 GMT
x-amz-id-2: 6PeMiMauwVpaIa7ZXWsIZE4fYPuBp4wCgfDclWCkL8EsnXeWlayXOVWt7Enwf8ldl7u/ig+6zXQ=
x-amz-request-id: JCYNYTZYG1ZDMXWB
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 22 Nov 2022 09:44:15 GMT
etag: "c56b6332dacf72f135afcd153ae22448"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 830816
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtlTjDYcfurwb9NyzyZLbU%2FknmG2iG%2Bqeks7erKF0lTzX10DftpzD4A%2FnUiiBRsLCF%2BO%2B0RIgJSjtp6cU9aFvqXaunEgMUpGjtNXTKA5o2mG4zI%2BgA4lumiQAlJdDAz4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc5c9c76b506-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 9867
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.3.114200 OK 601 B IP 104.18.3.114:0
Hash 4ec033ac11611258ad7d42d109504c95
5ab6699c08f08d087067e18e824d67e6c9f19336
efdd2d9c6676ab485cfb326b252764293b4fdcc21c1f1a905d9a87b0917a367c
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1722
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772ffc5c58fa1c16-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 1ce8e8b43423a0935c6fa6896b606c8d
13c0688dff0c4260fb05c20b04befba5388ab0f2
0713e2716c721f7c7916a4c8ede812818605bbdb94afa403ee12a1913fcf7f98
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Dec 2022 00:36:00 GMT
Last-Modified: Fri, 02 Dec 2022 00:17:38 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mpP73Li4VngPYDYziZf9ke2zIYjmZnhO6dmP23m8YFvD-geP_V2Frg==
Age: 1102
tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F&tmax=3000
3.64.191.9200 OK 4.6 kB URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F&tmax=3000
IP 3.64.191.9:0
File type JSON data\012- HTML document, ASCII text, with very long lines (9433), with no line terminators
Hash bcbc40f224bb9f11b1b20d3e05d8ea1a
aa012fe99bc3c6b2fd3fc0ac8ec20c319dce85bd
4d8606599badf365e029ff9ca9ac49541c611c8642acad2269295c81f8727c65
POST /header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 346
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/json; charset=utf-8
content-length: 4572
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
hb.minutemedia-prebid.com/hb-mm-multi
54.208.231.147200 OK 105 B URL HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP 54.208.231.147:0
File type JSON data\012- , ASCII text
Hash a9857db2804a44039d67c109fbf5ea81
7c87cd32dd3539cd8fb5b2e6e87245132522ad83
0291a31ffa3aef636a436a2b83e1e128c45bc5e3f9acddc52c37b8e26bd48d64
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 865
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/json
content-length: 105
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.dramacool9.co
x-reason: gdpr is not applied
X-Firefox-Spdy: h2
hb.minutemedia-prebid.com/hb-mm-multi
54.208.231.147200 OK 105 B URL HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP 54.208.231.147:0
File type JSON data\012- , ASCII text
Hash 25ddb02d32fb8667d4480e4693fc2b20
4c0ff96ea3daa23d5f99c525c69b31945097e39a
04acbbd8bc93c32dffb70a3d0229113bca657fbc9341c5169f2ad14250999802
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 885
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/json
content-length: 105
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.dramacool9.co
x-reason: gdpr is not applied
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=74727c1ee4f347b18d0f6fd1cd8bf93c
139.45.197.239204 No Content 0 B URL HTTP/2 cdn.uponelectabuzzor.club/9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=74727c1ee4f347b18d0f6fd1cd8bf93c
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=74727c1ee4f347b18d0f6fd1cd8bf93c HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 00:36:00 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1c49a7a3f35dfae2d3ccbbc916569325
9560c9efd01480de45935d14b9fe1885fb71fe84
a53cf8d7075b922dcb00aa22c2ea86ee9b939bb766662059d5a405f5ff6a49a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A53CF8D7075B922DCB00AA22C2EA86EE9B939BB766662059D5A405F5FF6A49A9"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6088
Expires: Fri, 02 Dec 2022 02:17:28 GMT
Date: Fri, 02 Dec 2022 00:36:00 GMT
Connection: keep-alive
c.statcounter.com/t.php?sc_project=11857087&u1=B668BC9837754F34F568E70930DCC678&java=1&security=513b4a2c&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.dramacool9.co/&t=Dramacool%3A%20Asian%20Drama%2C%20Movies%20and%20KShow%20English%20Sub%20in%20HD%20(2022)&invisible=1&sc_rum_e_s=2693&sc_rum_e_e=2697&sc_rum_f_s=0&sc_rum_f_e=2631&get_config=true
104.20.218.77200 OK 157 B URL HTTP/2 c.statcounter.com/t.php?sc_project=11857087&u1=B668BC9837754F34F568E70930DCC678&java=1&security=513b4a2c&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.dramacool9.co/&t=Dramacool%3A%20Asian%20Drama%2C%20Movies%20and%20KShow%20English%20Sub%20in%20HD%20(2022)&invisible=1&sc_rum_e_s=2693&sc_rum_e_e=2697&sc_rum_f_s=0&sc_rum_f_e=2631&get_config=true
IP 104.20.218.77:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e771dad829036df3caf71c95d8f00ff6
769a01ee8f676ba330b273cca4f216108cb979b2
29ee3dd36bff93b45db341e00714b62ed6ae6219c398023c50c10216dd8100d7
GET /t.php?sc_project=11857087&u1=B668BC9837754F34F568E70930DCC678&java=1&security=513b4a2c&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.dramacool9.co/&t=Dramacool%3A%20Asian%20Drama%2C%20Movies%20and%20KShow%20English%20Sub%20in%20HD%20(2022)&invisible=1&sc_rum_e_s=2693&sc_rum_e_e=2697&sc_rum_f_s=0&sc_rum_f_e=2631&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc11857087.1669941360.0; SameSite=None; Secure; Expires=Wednesday, 01-Dec-2027 08:36:00 CST; Path=/; Domain=.statcounter.com
is_visitor_unique=1669941360389004778; SameSite=None; Secure; Expires=Sunday, 01-Dec-2024 08:36:00 CST; Path=/; Domain=.statcounter.com
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772ffc5caff2b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash aa434368e2f4378127ff86ea9fba2b1b
28dcc7871640b1103d49965a6df7e8d34ff77e9f
9219b3f3bade5b969822bded87e808423b152210cea6cb3da9bcb84daba1ce46
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9219B3F3BADE5B969822BDED87E808423B152210CEA6CB3DA9BCB84DABA1CE46"
Last-Modified: Thu, 01 Dec 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10910
Expires: Fri, 02 Dec 2022 03:37:50 GMT
Date: Fri, 02 Dec 2022 00:36:00 GMT
Connection: keep-alive
goomaphy.com/500/5287605?excludes=&oaid=74727c1ee4f347b18d0f6fd1cd8bf93c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 goomaphy.com/500/5287605?excludes=&oaid=74727c1ee4f347b18d0f6fd1cd8bf93c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5287605?excludes=&oaid=74727c1ee4f347b18d0f6fd1cd8bf93c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:36:00 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
bc5b242f88.86521e18d4.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI4NzAwNTI1OTE2NTE0NDcyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTcuMyIsInRhZ19pZCI6MjAxNDAsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS4zOCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiRHJhbWFjb29sJTJDQXNpYW4lMkNEcmFtYSUyQ01vdmllcyUyQ2FuZCUyQ0tTaG93JTJDRW5nbGlzaCUyQ1N1YiUyQ2luJTJDSEQlMkMoMjAyMiklMkNXYXRjaCUyQ2FuZCUyQ2Rvd25sb2FkJTJDS29yZWFuJTJDZHJhbWElMkNtb3ZpZXMlMkNLc2hvdyUyQ2FuZCUyQ290aGVyJTJDQXNpYW4lMkNkcmFtYXMlMkN3aXRoJTJDZW5nbGlzaCUyQ3N1YnRpdGxlcyUyQ29ubGluZSUyQ2ZyZWUlMkNEcmFtYWNvb2wlMkNmb3IlMkNldmVyeW9uZSElMjAifQ==
45.133.44.24200 OK 0 B URL HTTP/2 bc5b242f88.86521e18d4.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI4NzAwNTI1OTE2NTE0NDcyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTcuMyIsInRhZ19pZCI6MjAxNDAsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS4zOCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiRHJhbWFjb29sJTJDQXNpYW4lMkNEcmFtYSUyQ01vdmllcyUyQ2FuZCUyQ0tTaG93JTJDRW5nbGlzaCUyQ1N1YiUyQ2luJTJDSEQlMkMoMjAyMiklMkNXYXRjaCUyQ2FuZCUyQ2Rvd25sb2FkJTJDS29yZWFuJTJDZHJhbWElMkNtb3ZpZXMlMkNLc2hvdyUyQ2FuZCUyQ290aGVyJTJDQXNpYW4lMkNkcmFtYXMlMkN3aXRoJTJDZW5nbGlzaCUyQ3N1YnRpdGxlcyUyQ29ubGluZSUyQ2ZyZWUlMkNEcmFtYWNvb2wlMkNmb3IlMkNldmVyeW9uZSElMjAifQ==
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI4NzAwNTI1OTE2NTE0NDcyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTcuMyIsInRhZ19pZCI6MjAxNDAsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS4zOCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiRHJhbWFjb29sJTJDQXNpYW4lMkNEcmFtYSUyQ01vdmllcyUyQ2FuZCUyQ0tTaG93JTJDRW5nbGlzaCUyQ1N1YiUyQ2luJTJDSEQlMkMoMjAyMiklMkNXYXRjaCUyQ2FuZCUyQ2Rvd25sb2FkJTJDS29yZWFuJTJDZHJhbWElMkNtb3ZpZXMlMkNLc2hvdyUyQ2FuZCUyQ290aGVyJTJDQXNpYW4lMkNkcmFtYXMlMkN3aXRoJTJDZW5nbGlzaCUyQ3N1YnRpdGxlcyUyQ29ubGluZSUyQ2ZyZWUlMkNEcmFtYWNvb2wlMkNmb3IlMkNldmVyeW9uZSElMjAifQ== HTTP/1.1
Host: bc5b242f88.86521e18d4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1504
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: max-age=0, private, must-revalidate
date: Fri, 02 Dec 2022 00:35:59 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
js.cabnnr.com/banner-admanager/build.m.js
45.133.44.24200 OK 21 kB URL HTTP/2 js.cabnnr.com/banner-admanager/build.m.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (56349), with no line terminators
Hash 0c96cc2396f1a0a20e9c45b969271eba
85e94bdba55ef12cce39d0e2536e232cbc51d738
068b55f8e12ee403b2421504731a70a282b5dfa6fc7a2a871e1e129383f4da9c
GET /banner-admanager/build.m.js HTTP/1.1
Host: js.cabnnr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 30 Nov 2022 14:18:35 GMT
etag: W/"6387663b-d063"
content-encoding: gzip
expires: Fri, 02 Dec 2022 00:41:00 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
goomaphy.com/500/5287605?excludes=&oaid=74727c1ee4f347b18d0f6fd1cd8bf93c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 1.6 kB URL HTTP/2 goomaphy.com/500/5287605?excludes=&oaid=74727c1ee4f347b18d0f6fd1cd8bf93c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash af374fbd15f21381e8d0912cc5a46b09
cc557fff18d36c8c4ece531f2a968506bf6b61ce
035f16ef8f28fff4225ac3055a325aad43badd067ef95759b69d90af4c9bba43
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5287605?excludes=&oaid=74727c1ee4f347b18d0f6fd1cd8bf93c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: OAID=5e25debda381461eb0b878302a0cb2ee
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/javascript
x-trace-id: 30d5738a2f0b3438e5732d57b955a067
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.dramacool9.co
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=74727c1ee4f347b18d0f6fd1cd8bf93c; expires=Sat, 02 Dec 2023 00:36:00 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 2d32250acb87fcde65ccaf9be20d6e6e
897d188617fb1c743fe8398202307b31e52f72a5
d503ce28e00cb28993f547a72c519f7cea3bd25e3447b98f3b81ab000ebffad5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 857
Cache-Control: max-age=125102
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:00 GMT
Etag: "63888ac5-138"
Expires: Sat, 03 Dec 2022 11:21:02 GMT
Last-Modified: Thu, 01 Dec 2022 11:06:45 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312
tlx.3lift.com/header/notify?px=1&pr=0.008&ts=1669941360&aid=29696546391787901467520&ec=2711_67911_11235855&n=GpAFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD04U0t2YUNXX0p3MHVPUGM1b0Q3Nld6eDZKSUsxX0ViUXJfSEJpYVU2XzFaS2tzaWhLaGt3dDJuSVlDa3Z6ZldLOXRTeWVKb09vZUlfUV8wZHY3WWlHa3RvVWR0TXBRTzYwd2czZTFyN2FWOWNGZEFoQmhocEc3S2E3Q05oU2hPdDZQc3c0eUFfN2kzOXZjRGVBcFZ2aXdLV0stSEE5ZW5hUFN0RUJaNFdObzhhUFJfdVg2TTFfbDY1Z3NTdWc0OXptbWJqWFFxSzNjdXA0dFBJUVFNajZ2eHlwRU5rel9yNUtHdXk5SjY3X1gtamxPUzBWaXAyMEZ4UkVGOFBQcW1vY0Z5NFE4MDBYb2FGdkVybGl4MXpMRXBJOHRMMW9VSzljQWZuNGtkanYwcnNWblZSbzZ3aVlGYV81bXZvSEVJbVRSSzl0MXFvdDN5cTV2N1lyZ204cW9uNTlId0cteEFhVVpVUm1JUjg2OHR4bkhCV25qc2p5LVBSN0lnRjNyaklXZEluNHY3ZFRpOUJVVF9mTXpVcjRrU0w5LVpfengyQWswSEtoVFljTzRjWXVkSDN6MUg3WVo0d21uLURjWWVvMmpqc204dEIxd05HclladjdOMWtYR3YxemZ4T3BPRkVENGdJRzhLX2lRQmp4b3JFMlk1bGJsd3ExS1FGYkxGSWQ3a252VFZZZ0I4SlM3VHlIemM3WklWaUZpSk9Qa0hQTnVFSnlQQkVKcjhfSDFxZ3c3YjFJdHdaRkstcFV1T2zyAr4BCAASFzI5Njk2NTQ2MzkxNzg3OTAxNDY3NTIwGAAgASiXFTDHkgRAAUgAUAFgCmgAcKqJHZABAJgBAKgBALgBBcABCMgBCvABAPgBCoACCJECAAAAAAAA8D%2BZAsP1KFyPwsU%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgC%2FziAA6ABiAPYBJADAJgDAKADALgDhsUCyAMA0gMIMTEyMzU4NTXgA4O7gSnpAwAAAAAAAAAA8AMK%2BQMAAAAAAAAAAPgCDIgDAJIDBDAxM2KYAwCgA%2B7BEagDAA%3D%3D
3.64.191.9200 OK 37 B URL HTTP/2 tlx.3lift.com/header/notify?px=1&pr=0.008&ts=1669941360&aid=29696546391787901467520&ec=2711_67911_11235855&n=GpAFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD04U0t2YUNXX0p3MHVPUGM1b0Q3Nld6eDZKSUsxX0ViUXJfSEJpYVU2XzFaS2tzaWhLaGt3dDJuSVlDa3Z6ZldLOXRTeWVKb09vZUlfUV8wZHY3WWlHa3RvVWR0TXBRTzYwd2czZTFyN2FWOWNGZEFoQmhocEc3S2E3Q05oU2hPdDZQc3c0eUFfN2kzOXZjRGVBcFZ2aXdLV0stSEE5ZW5hUFN0RUJaNFdObzhhUFJfdVg2TTFfbDY1Z3NTdWc0OXptbWJqWFFxSzNjdXA0dFBJUVFNajZ2eHlwRU5rel9yNUtHdXk5SjY3X1gtamxPUzBWaXAyMEZ4UkVGOFBQcW1vY0Z5NFE4MDBYb2FGdkVybGl4MXpMRXBJOHRMMW9VSzljQWZuNGtkanYwcnNWblZSbzZ3aVlGYV81bXZvSEVJbVRSSzl0MXFvdDN5cTV2N1lyZ204cW9uNTlId0cteEFhVVpVUm1JUjg2OHR4bkhCV25qc2p5LVBSN0lnRjNyaklXZEluNHY3ZFRpOUJVVF9mTXpVcjRrU0w5LVpfengyQWswSEtoVFljTzRjWXVkSDN6MUg3WVo0d21uLURjWWVvMmpqc204dEIxd05HclladjdOMWtYR3YxemZ4T3BPRkVENGdJRzhLX2lRQmp4b3JFMlk1bGJsd3ExS1FGYkxGSWQ3a252VFZZZ0I4SlM3VHlIemM3WklWaUZpSk9Qa0hQTnVFSnlQQkVKcjhfSDFxZ3c3YjFJdHdaRkstcFV1T2zyAr4BCAASFzI5Njk2NTQ2MzkxNzg3OTAxNDY3NTIwGAAgASiXFTDHkgRAAUgAUAFgCmgAcKqJHZABAJgBAKgBALgBBcABCMgBCvABAPgBCoACCJECAAAAAAAA8D%2BZAsP1KFyPwsU%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgC%2FziAA6ABiAPYBJADAJgDAKADALgDhsUCyAMA0gMIMTEyMzU4NTXgA4O7gSnpAwAAAAAAAAAA8AMK%2BQMAAAAAAAAAAPgCDIgDAJIDBDAxM2KYAwCgA%2B7BEagDAA%3D%3D
IP 3.64.191.9:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /header/notify?px=1&pr=0.008&ts=1669941360&aid=29696546391787901467520&ec=2711_67911_11235855&n=GpAFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD04U0t2YUNXX0p3MHVPUGM1b0Q3Nld6eDZKSUsxX0ViUXJfSEJpYVU2XzFaS2tzaWhLaGt3dDJuSVlDa3Z6ZldLOXRTeWVKb09vZUlfUV8wZHY3WWlHa3RvVWR0TXBRTzYwd2czZTFyN2FWOWNGZEFoQmhocEc3S2E3Q05oU2hPdDZQc3c0eUFfN2kzOXZjRGVBcFZ2aXdLV0stSEE5ZW5hUFN0RUJaNFdObzhhUFJfdVg2TTFfbDY1Z3NTdWc0OXptbWJqWFFxSzNjdXA0dFBJUVFNajZ2eHlwRU5rel9yNUtHdXk5SjY3X1gtamxPUzBWaXAyMEZ4UkVGOFBQcW1vY0Z5NFE4MDBYb2FGdkVybGl4MXpMRXBJOHRMMW9VSzljQWZuNGtkanYwcnNWblZSbzZ3aVlGYV81bXZvSEVJbVRSSzl0MXFvdDN5cTV2N1lyZ204cW9uNTlId0cteEFhVVpVUm1JUjg2OHR4bkhCV25qc2p5LVBSN0lnRjNyaklXZEluNHY3ZFRpOUJVVF9mTXpVcjRrU0w5LVpfengyQWswSEtoVFljTzRjWXVkSDN6MUg3WVo0d21uLURjWWVvMmpqc204dEIxd05HclladjdOMWtYR3YxemZ4T3BPRkVENGdJRzhLX2lRQmp4b3JFMlk1bGJsd3ExS1FGYkxGSWQ3a252VFZZZ0I4SlM3VHlIemM3WklWaUZpSk9Qa0hQTnVFSnlQQkVKcjhfSDFxZ3c3YjFJdHdaRkstcFV1T2zyAr4BCAASFzI5Njk2NTQ2MzkxNzg3OTAxNDY3NTIwGAAgASiXFTDHkgRAAUgAUAFgCmgAcKqJHZABAJgBAKgBALgBBcABCMgBCvABAPgBCoACCJECAAAAAAAA8D%2BZAsP1KFyPwsU%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgC%2FziAA6ABiAPYBJADAJgDAKADALgDhsUCyAMA0gMIMTEyMzU4NTXgA4O7gSnpAwAAAAAAAAAA8AMK%2BQMAAAAAAAAAAPgCDIgDAJIDBDAxM2KYAwCgA%2B7BEagDAA%3D%3D HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.8.169200 OK 740 B URL HTTP/2 script.4dex.io/localstore.js
IP 104.26.8.169:0
File type ASCII text, with very long lines (482)
Hash f1c154a79cb1a6dac2cd038e1f17f735
25c24246ef854bcf54e28a79e7aba4bc0b41c4c0
285e651c5670d2417075c4073d53e2ccbd723b6a854d936336ba80ff2edc3f93
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: application/javascript
cache-control: public, max-age=1800
etag: W/"922cffdd75f7192f75231d92684885aa"
last-modified: Wed, 23 Nov 2022 15:43:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 720288
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLxcS7D14qH%2FlG1rKVhgrveU37UVl4OWsXnSgYkxdZj9lCkMljfsoHcAWGwuyEqw%2BIhEpwTWC%2FhRF8934uKmiL8OBfLFz9Mb7kHMwLhWUinMWC4MU2dCMb5jbuQw%2BmgQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc5abb50b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
tlx.3lift.com/header/notify?px=1&pr=0.008&ts=1669941360&aid=29486629499941717353780&ec=2711_67911_11235855&n=GoYFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD1Pb1dlM2FJbnFtbHBfdTBoX0NuZnlDdkZNa3lBWnFUOHo1d1B1eHdnQ3VzWGhmdFV3WWxxbkVLYU9EdnhxWHVXclJQWDZiYjNycVZ0RDFsZXhFUUk5eHJNUjFQVmZOMEROdHdRX1V3azdJcFhkMmNzRzdVQ0dBTzhIb2xDcDRQbmJDSm15ei16SC1PQks3OGM5T3lMMUVpUHlGa0VVdzM0RjhkMnVBQ1hXeEJiTWFWNUlRaV9yZHMyTW40dS1LVnlpLThNaEl6dG5reXNaek5zeHc2SXRhX05LRjZvbGliX2RPT0gtV0V2SkFTSTBDWEJ6bjQ3YWlBTDZ5OXVUQXJWdVhZYmdBUUdfbGVkT2xoUmwtWGRjWDFwWXZUMU5md1hTT0kyWE1VRkUtX0Y1dkotcjhDNGlMb2NuNmdJVDJKLW9zbkxlY3N4TmZUWjZBM0I5bFoxMjFOV3E5RTlGcGVfRUlUS3FqZ193WHVOSVRiV242NVY3amx6OWFoUVpaVTJiUWNpN3pkVFFyaWJlTkdjRFl3Vnp4ZG91ZlVIcmNvcXIydXlHZ1FPaDB3Q2U2NjFWSWFnTWR3NWw0YUtYTWg0cmtBNjZac1FXSkpuaE1ia21sNURyaENSVGNyUm4za2FqeU1lSWRBZkpsejVrNWpmeDNqYTEtYXVIWVh2Uy1TN29ZczJPTHkyYkc1aWdPV2stbXhrQ09zam4wTGRTaFE5V2JqVW5iMGYxdjBxMXFlLVB3VUlOd%2FICvgEIABIXMjk0ODY2Mjk0OTk5NDE3MTczNTM3ODAYACABKJcVMMeSBEABSABQAWAKaABwqokdkAEAmAEAqAEAuAEFwAEIyAEK8AEA%2BAEKgAIIkQIAAAAAAADwP5kCw%2FUoXI%2FCxT%2BoAgCwAgDIAgTYAgDxAmZmZmZmZuY%2F%2BAL%2FOIADrAKIA%2FoBkAMAmAMAoAMAuAOGxQLIAwDSAwgxMTIzNTg1NeADg7uBKekDAAAAAAAAAADwAwr5AwAAAAAAAAAA%2BAIMiAMAkgMEMDEzYpgDAKAD7sERqAMA
3.64.191.9200 OK 37 B URL HTTP/2 tlx.3lift.com/header/notify?px=1&pr=0.008&ts=1669941360&aid=29486629499941717353780&ec=2711_67911_11235855&n=GoYFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD1Pb1dlM2FJbnFtbHBfdTBoX0NuZnlDdkZNa3lBWnFUOHo1d1B1eHdnQ3VzWGhmdFV3WWxxbkVLYU9EdnhxWHVXclJQWDZiYjNycVZ0RDFsZXhFUUk5eHJNUjFQVmZOMEROdHdRX1V3azdJcFhkMmNzRzdVQ0dBTzhIb2xDcDRQbmJDSm15ei16SC1PQks3OGM5T3lMMUVpUHlGa0VVdzM0RjhkMnVBQ1hXeEJiTWFWNUlRaV9yZHMyTW40dS1LVnlpLThNaEl6dG5reXNaek5zeHc2SXRhX05LRjZvbGliX2RPT0gtV0V2SkFTSTBDWEJ6bjQ3YWlBTDZ5OXVUQXJWdVhZYmdBUUdfbGVkT2xoUmwtWGRjWDFwWXZUMU5md1hTT0kyWE1VRkUtX0Y1dkotcjhDNGlMb2NuNmdJVDJKLW9zbkxlY3N4TmZUWjZBM0I5bFoxMjFOV3E5RTlGcGVfRUlUS3FqZ193WHVOSVRiV242NVY3amx6OWFoUVpaVTJiUWNpN3pkVFFyaWJlTkdjRFl3Vnp4ZG91ZlVIcmNvcXIydXlHZ1FPaDB3Q2U2NjFWSWFnTWR3NWw0YUtYTWg0cmtBNjZac1FXSkpuaE1ia21sNURyaENSVGNyUm4za2FqeU1lSWRBZkpsejVrNWpmeDNqYTEtYXVIWVh2Uy1TN29ZczJPTHkyYkc1aWdPV2stbXhrQ09zam4wTGRTaFE5V2JqVW5iMGYxdjBxMXFlLVB3VUlOd%2FICvgEIABIXMjk0ODY2Mjk0OTk5NDE3MTczNTM3ODAYACABKJcVMMeSBEABSABQAWAKaABwqokdkAEAmAEAqAEAuAEFwAEIyAEK8AEA%2BAEKgAIIkQIAAAAAAADwP5kCw%2FUoXI%2FCxT%2BoAgCwAgDIAgTYAgDxAmZmZmZmZuY%2F%2BAL%2FOIADrAKIA%2FoBkAMAmAMAoAMAuAOGxQLIAwDSAwgxMTIzNTg1NeADg7uBKekDAAAAAAAAAADwAwr5AwAAAAAAAAAA%2BAIMiAMAkgMEMDEzYpgDAKAD7sERqAMA
IP 3.64.191.9:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /header/notify?px=1&pr=0.008&ts=1669941360&aid=29486629499941717353780&ec=2711_67911_11235855&n=GoYFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD1Pb1dlM2FJbnFtbHBfdTBoX0NuZnlDdkZNa3lBWnFUOHo1d1B1eHdnQ3VzWGhmdFV3WWxxbkVLYU9EdnhxWHVXclJQWDZiYjNycVZ0RDFsZXhFUUk5eHJNUjFQVmZOMEROdHdRX1V3azdJcFhkMmNzRzdVQ0dBTzhIb2xDcDRQbmJDSm15ei16SC1PQks3OGM5T3lMMUVpUHlGa0VVdzM0RjhkMnVBQ1hXeEJiTWFWNUlRaV9yZHMyTW40dS1LVnlpLThNaEl6dG5reXNaek5zeHc2SXRhX05LRjZvbGliX2RPT0gtV0V2SkFTSTBDWEJ6bjQ3YWlBTDZ5OXVUQXJWdVhZYmdBUUdfbGVkT2xoUmwtWGRjWDFwWXZUMU5md1hTT0kyWE1VRkUtX0Y1dkotcjhDNGlMb2NuNmdJVDJKLW9zbkxlY3N4TmZUWjZBM0I5bFoxMjFOV3E5RTlGcGVfRUlUS3FqZ193WHVOSVRiV242NVY3amx6OWFoUVpaVTJiUWNpN3pkVFFyaWJlTkdjRFl3Vnp4ZG91ZlVIcmNvcXIydXlHZ1FPaDB3Q2U2NjFWSWFnTWR3NWw0YUtYTWg0cmtBNjZac1FXSkpuaE1ia21sNURyaENSVGNyUm4za2FqeU1lSWRBZkpsejVrNWpmeDNqYTEtYXVIWVh2Uy1TN29ZczJPTHkyYkc1aWdPV2stbXhrQ09zam4wTGRTaFE5V2JqVW5iMGYxdjBxMXFlLVB3VUlOd%2FICvgEIABIXMjk0ODY2Mjk0OTk5NDE3MTczNTM3ODAYACABKJcVMMeSBEABSABQAWAKaABwqokdkAEAmAEAqAEAuAEFwAEIyAEK8AEA%2BAEKgAIIkQIAAAAAAADwP5kCw%2FUoXI%2FCxT%2BoAgCwAgDIAgTYAgDxAmZmZmZmZuY%2F%2BAL%2FOIADrAKIA%2FoBkAMAmAMAoAMAuAOGxQLIAwDSAwgxMTIzNTg1NeADg7uBKekDAAAAAAAAAADwAwr5AwAAAAAAAAAA%2BAIMiAMAkgMEMDEzYpgDAKAD7sERqAMA HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131447009-1&cid=63095124.1669941358&jid=1246143860&gjid=544390314&_gid=2056907980.1669941358&_u=YEBAAUAAAAAAACAAI~&z=474762035
108.177.14.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131447009-1&cid=63095124.1669941358&jid=1246143860&gjid=544390314&_gid=2056907980.1669941358&_u=YEBAAUAAAAAAACAAI~&z=474762035
IP 108.177.14.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131447009-1&cid=63095124.1669941358&jid=1246143860&gjid=544390314&_gid=2056907980.1669941358&_u=YEBAAUAAAAAAACAAI~&z=474762035 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.dramacool9.co
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 00:36:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.16.0&cb=5627385726&lsavail=1
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.16.0&cb=5627385726&lsavail=1
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.16.0&cb=5627385726&lsavail=1 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1296
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://www.dramacool9.co
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8c1df2dfd76ae9331759ef8f0bd9a72d
1f5460deb91335e574e06c5d9a204370abb17ea5
0a89241a76e61dbbd9d295896b87f680c2f10cc95a50965875cd3a6e206cc127
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1372
Cache-Control: max-age=89625
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:00 GMT
Etag: "6387fe2d-117"
Expires: Sat, 03 Dec 2022 01:29:45 GMT
Last-Modified: Thu, 01 Dec 2022 01:06:53 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
eb2.3lift.com/pe?fid=10&peid=0&aid=29696546391787901467520
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/pe?fid=10&peid=0&aid=29696546391787901467520
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /pe?fid=10&peid=0&aid=29696546391787901467520 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
offerimage.com/www/images/766f2bff7b1b0b942e9c707491f9d867.jpeg
172.67.22.216200 OK 9.0 kB URL HTTP/2 offerimage.com/www/images/766f2bff7b1b0b942e9c707491f9d867.jpeg
IP 172.67.22.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 766f2bff7b1b0b942e9c707491f9d867
1cf5b1cbdf1f80b2d4adc44446d6f403b7c56b8a
bb0c41433a0cc421110da9d8d448cc83321c73a64772f14aecbec11e1bfc2a26
GET /www/images/766f2bff7b1b0b942e9c707491f9d867.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: image/jpeg
content-length: 8995
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62d22dde-2323"
expires: Fri, 02 Dec 2022 22:28:25 GMT
last-modified: Sat, 16 Jul 2022 03:17:50 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 7655
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ffc5fbae3b4ed-OSL
X-Firefox-Spdy: h2
eb2.3lift.com/pe?fid=10&peid=0&aid=29486629499941717353780
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/pe?fid=10&peid=0&aid=29486629499941717353780
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /pe?fid=10&peid=0&aid=29486629499941717353780 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.purpleads.io/x/a/winner?ts=1669941358857
52.204.242.76204 No Content 0 B URL HTTP/2 api.purpleads.io/x/a/winner?ts=1669941358857
IP 52.204.242.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x/a/winner?ts=1669941358857 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.2.13
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8=
Authorization: Bearer b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
Origin: https://www.dramacool9.co
Content-Length: 53
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Dec 2022 00:36:00 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: 5481e413-2db9-455a-bcee-da8cbe151364
X-Firefox-Spdy: h2
api.purpleads.io/x/a/winner?ts=1669941358867
52.204.242.76204 No Content 0 B URL HTTP/2 api.purpleads.io/x/a/winner?ts=1669941358867
IP 52.204.242.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x/a/winner?ts=1669941358867 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.2.13
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8=
Authorization: Bearer b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
Origin: https://www.dramacool9.co
Content-Length: 53
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Dec 2022 00:36:00 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: adfc6207-3331-4b24-bd26-985a4e6e24f0
X-Firefox-Spdy: h2
api.purpleads.io/x/a/af8d8420df4f6c6ea6360d8f6977f7c5:dc5fd42eae26fc8a2363cef8f064a75acc33d4505d9c774eb3c9598c0f168429ad12660faef934571c78f598eba9c096044260f36a91498d9787d145e5abd2f017317c45a4d7fb91c2a200cc899075102a7fb01da441de871d7b16b9e5e79059f1f6600fa34414dbf439a3208e4176c3cf780b747d9f8964f13ca084bb0af4102f950c262cb39e9cb3d78deff4d6604f/i?id=33adfc3d-04c2-4219-9389-27ca9f2be79b&ts=1669941358857
52.204.242.76204 No Content 0 B URL HTTP/2 api.purpleads.io/x/a/af8d8420df4f6c6ea6360d8f6977f7c5:dc5fd42eae26fc8a2363cef8f064a75acc33d4505d9c774eb3c9598c0f168429ad12660faef934571c78f598eba9c096044260f36a91498d9787d145e5abd2f017317c45a4d7fb91c2a200cc899075102a7fb01da441de871d7b16b9e5e79059f1f6600fa34414dbf439a3208e4176c3cf780b747d9f8964f13ca084bb0af4102f950c262cb39e9cb3d78deff4d6604f/i?id=33adfc3d-04c2-4219-9389-27ca9f2be79b&ts=1669941358857
IP 52.204.242.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/a/af8d8420df4f6c6ea6360d8f6977f7c5:dc5fd42eae26fc8a2363cef8f064a75acc33d4505d9c774eb3c9598c0f168429ad12660faef934571c78f598eba9c096044260f36a91498d9787d145e5abd2f017317c45a4d7fb91c2a200cc899075102a7fb01da441de871d7b16b9e5e79059f1f6600fa34414dbf439a3208e4176c3cf780b747d9f8964f13ca084bb0af4102f950c262cb39e9cb3d78deff4d6604f/i?id=33adfc3d-04c2-4219-9389-27ca9f2be79b&ts=1669941358857 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.2.13
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8=
Authorization: Bearer b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Dec 2022 00:36:00 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: df4b8007-a05e-49fd-9833-854012381a42
X-Firefox-Spdy: h2
api.purpleads.io/x/a/d4f8499867f777938ed7d2839216412b:1ebfc5a5a719b058859e6b7dd5989e1b2dbb552aa445373b9b39233cd2dd5b4c5c426f7355cde281e9f820c80c2452b6a7f84823b0a498ef0183809c0a957561269d0e8f412110b238a97dc51d31ee45b70e376880fa120360a8b3b0c1723b52a741e13ea09c7d13960b32fe9e6bf9ba0ac0ed871983c8cc985ee3d77948b90c1c966e6865828903c398c1521b9312d9/i?id=a9ee833d-0fef-43c9-a680-07233d0cdc7a&ts=1669941358867
52.204.242.76204 No Content 0 B URL HTTP/2 api.purpleads.io/x/a/d4f8499867f777938ed7d2839216412b:1ebfc5a5a719b058859e6b7dd5989e1b2dbb552aa445373b9b39233cd2dd5b4c5c426f7355cde281e9f820c80c2452b6a7f84823b0a498ef0183809c0a957561269d0e8f412110b238a97dc51d31ee45b70e376880fa120360a8b3b0c1723b52a741e13ea09c7d13960b32fe9e6bf9ba0ac0ed871983c8cc985ee3d77948b90c1c966e6865828903c398c1521b9312d9/i?id=a9ee833d-0fef-43c9-a680-07233d0cdc7a&ts=1669941358867
IP 52.204.242.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/a/d4f8499867f777938ed7d2839216412b:1ebfc5a5a719b058859e6b7dd5989e1b2dbb552aa445373b9b39233cd2dd5b4c5c426f7355cde281e9f820c80c2452b6a7f84823b0a498ef0183809c0a957561269d0e8f412110b238a97dc51d31ee45b70e376880fa120360a8b3b0c1723b52a741e13ea09c7d13960b32fe9e6bf9ba0ac0ed871983c8cc985ee3d77948b90c1c966e6865828903c398c1521b9312d9/i?id=a9ee833d-0fef-43c9-a680-07233d0cdc7a&ts=1669941358867 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.2.13
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8=
Authorization: Bearer b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Dec 2022 00:36:00 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: 507e5fd5-d927-4990-8627-8ff205453529
X-Firefox-Spdy: h2
ib.3lift.com/rev/6be1393e0ee56f63717d253e90fe0e4363b3e6d4/dist/bundle.js
54.230.111.101200 OK 55 kB URL HTTP/2 ib.3lift.com/rev/6be1393e0ee56f63717d253e90fe0e4363b3e6d4/dist/bundle.js
IP 54.230.111.101:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 57cca71df74418801685f137aa4584fc
95ddb04b48c37f82111aa902fc363745b4ca4442
867d8528069f4bb0e042363570de3042da3990b358ac153aaf6d66e10db22985
GET /rev/6be1393e0ee56f63717d253e90fe0e4363b3e6d4/dist/bundle.js HTTP/1.1
Host: ib.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 55196
date: Tue, 08 Nov 2022 17:26:20 GMT
last-modified: Tue, 08 Nov 2022 17:25:46 GMT
etag: "57cca71df74418801685f137aa4584fc"
cache-control: max-age=31536000, immutable
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4W2t-XNFFcWmRh3TT-sAmqt6_m3rRR0V_S1iFUeKZ_EwoDSuXYtfxA==
age: 2012981
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 9b7f8131bde5bafd1aa0ecdcd48a778b
a4099d05c32c1cd25cb4667111050a9451e9fe2f
02838bc3e2a5049cab00c96498736e0b535a3947077440c477982a7d5b84fc3e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 00:36:00 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 22:03:26 GMT
Expires: Wed, 07 Dec 2022 22:03:25 GMT
Etag: "a4099d05c32c1cd25cb4667111050a9451e9fe2f"
Cache-Control: max-age=508644,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772ffc5faa62b4f3-OSL
script.4dex.io/localstore.js
104.26.8.169304 Not Modified 0 B URL HTTP/2 script.4dex.io/localstore.js
IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 02 Dec 2022 00:36:00 GMT
cache-control: public, max-age=1800
etag: W/"922cffdd75f7192f75231d92684885aa"
last-modified: Wed, 23 Nov 2022 15:43:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 720289
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9d9sY96rOlXE%2F5U6dgVNVABDFnm6JbWE9aTmoY%2Fofxd96qewXEKAaGGoap7bIGWjIOuf8HqYBxHrOhu5Ck19csAaNvrUfJELZfaXSx8LQj93OBYqCIcubKDsQULz73CX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc611fa4b51b-OSL
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1012
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: max-age=0, private, must-revalidate
date: Fri, 02 Dec 2022 00:36:00 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
104.26.8.169304 Not Modified 0 B IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 02 Dec 2022 00:36:00 GMT
x-amz-id-2: 6PeMiMauwVpaIa7ZXWsIZE4fYPuBp4wCgfDclWCkL8EsnXeWlayXOVWt7Enwf8ldl7u/ig+6zXQ=
x-amz-request-id: JCYNYTZYG1ZDMXWB
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 22 Nov 2022 09:44:15 GMT
etag: "c56b6332dacf72f135afcd153ae22448"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 830816
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXn1HzmNhxLgRZHahkcEm039lQvSyFdSBEo5CWilOJSNJwtV%2Baic%2Bx6JO108uy3gSDKdA2nOHtchyAf26vQ%2BQvPJXwuV%2Bvoq%2BW8VLLoR1qGX0KboSqM1fGVKHxQI3zgC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc612822b506-OSL
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.90200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.90:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0b3d403cfe8de3539d028c1225a494b6
d6a6a0f392a44bcb5210d31bd9268f36ef493ab3
cd7e6f6fc3780c99b8f3b852c58dbc7cb15064674aeb5322f3f0e6ef3c094e51
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 529
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:00 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
AN-X-Request-Uuid: 7e2ecf34-260a-464a-81a9-5389d69eccd2
Set-Cookie: icu=ChkI8aWIARAKGAEgASgBMPCQpZwGOAFAAUgBEPCQpZwGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:36:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=3128697249680456317; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:36:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ghb.adtelligent.com/v2/auction/
185.239.173.226200 OK 1.1 kB URL HTTP/1.1 ghb.adtelligent.com/v2/auction/
IP 185.239.173.226:0
File type JSON data\012- , ASCII text, with very long lines (3413), with no line terminators
Hash 127854672235db3f882583c44a52842a
cdfb1babdda3d3ef8255af3e306015852ae73793
405f3d871b3e4d4a8c4602a0ad1fdd9a0b05d944fb5afe08e865f630f76f1f5f
POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 809
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 02 Dec 2022 00:36:00 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 1117
Access-Control-Allow-Origin: https://www.dramacool9.co
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=8wCotIxh%5FjfxEPkh54RR0dYrUlNH7DpO%2DcJH1fsfposNQHp4BSGbBTBDo5TFt7J8MnFKqFGumHFqExsmu%5FkbDz1o%2DBfrz1hKaD2BlSUAe42aR%2DfvNiZvXDU9zOYiVW%2DQrrVfgIuZOfj%2DfSQthDE2A3Jy6HAlsGDjwKjsCqm%5FqzV5HpaOP%2Ds%2DCnlwuPWmrF%5Frr42UN75XSz0eanVADAeDSboS0011W3U86%5Fp57QWcbIzULgPUTs0tRA3rCbnXcOkRz3s3JIXzGnaPlfGYn19kILGbrrjfP7bgIK07dRF0T2dVRJini7C9HySF%5FU%2D16Xpv2fcrAbNoGuilVtSgXYyaDO%5FPro79RKxJPy52DL3z23JfGMQO%2Dbbp96Nw%2DQR%5Fmf%2Dp1wL6UjwCtEcfcA3jRrwTmyLBnyosYoKV3I3W9rO2RvGVClUVkzdI07X0io1hHSsVe80&size=970x90&wp=0%2E023&bd=OBT&d=1
154.51.131.137200 OK 145 B URL HTTP/2 tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=8wCotIxh%5FjfxEPkh54RR0dYrUlNH7DpO%2DcJH1fsfposNQHp4BSGbBTBDo5TFt7J8MnFKqFGumHFqExsmu%5FkbDz1o%2DBfrz1hKaD2BlSUAe42aR%2DfvNiZvXDU9zOYiVW%2DQrrVfgIuZOfj%2DfSQthDE2A3Jy6HAlsGDjwKjsCqm%5FqzV5HpaOP%2Ds%2DCnlwuPWmrF%5Frr42UN75XSz0eanVADAeDSboS0011W3U86%5Fp57QWcbIzULgPUTs0tRA3rCbnXcOkRz3s3JIXzGnaPlfGYn19kILGbrrjfP7bgIK07dRF0T2dVRJini7C9HySF%5FU%2D16Xpv2fcrAbNoGuilVtSgXYyaDO%5FPro79RKxJPy52DL3z23JfGMQO%2Dbbp96Nw%2DQR%5Fmf%2Dp1wL6UjwCtEcfcA3jRrwTmyLBnyosYoKV3I3W9rO2RvGVClUVkzdI07X0io1hHSsVe80&size=970x90&wp=0%2E023&bd=OBT&d=1
IP 154.51.131.137:0
File type ASCII text, with no line terminators
Hash 7ed96945d942f7b2b6e8e42cdb5d8652
57bc32892c212b7aef47825c70af1e504b0b697b
b77d72cd756d30cb7838af0700cf1e6854df46596bb08c3ed2b60aa49db084a5
GET /rtb/?pname=hb_result_v3&impdata=8wCotIxh%5FjfxEPkh54RR0dYrUlNH7DpO%2DcJH1fsfposNQHp4BSGbBTBDo5TFt7J8MnFKqFGumHFqExsmu%5FkbDz1o%2DBfrz1hKaD2BlSUAe42aR%2DfvNiZvXDU9zOYiVW%2DQrrVfgIuZOfj%2DfSQthDE2A3Jy6HAlsGDjwKjsCqm%5FqzV5HpaOP%2Ds%2DCnlwuPWmrF%5Frr42UN75XSz0eanVADAeDSboS0011W3U86%5Fp57QWcbIzULgPUTs0tRA3rCbnXcOkRz3s3JIXzGnaPlfGYn19kILGbrrjfP7bgIK07dRF0T2dVRJini7C9HySF%5FU%2D16Xpv2fcrAbNoGuilVtSgXYyaDO%5FPro79RKxJPy52DL3z23JfGMQO%2Dbbp96Nw%2DQR%5Fmf%2Dp1wL6UjwCtEcfcA3jRrwTmyLBnyosYoKV3I3W9rO2RvGVClUVkzdI07X0io1hHSsVe80&size=970x90&wp=0%2E023&bd=OBT&d=1 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: 7thMile=5fd269fd%2D2604%2D4949%2D9c6f%2D2376ddddd46d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
srg-x: x-.138
x-powered-by: ARR/3.0
date: Fri, 02 Dec 2022 00:36:00 GMT
content-length: 145
X-Firefox-Spdy: h2
hb.minutemedia-prebid.com/hb-mm-multi
54.208.231.147200 OK 105 B URL HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP 54.208.231.147:0
File type JSON data\012- , ASCII text
Hash 379a5cbcb61b7c3dade2e30684d7c615
8636a5f8d317909155f3564623f6076b0a2c8e99
e197d272729a922576ddb7101f458157f86eb4a080d7e609e389b743f84468cd
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 883
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/json
content-length: 105
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.dramacool9.co
x-reason: gdpr is not applied
X-Firefox-Spdy: h2
widgets.outbrain.com/outbrain.js
2.18.173.74200 OK 76 kB URL HTTP/2 widgets.outbrain.com/outbrain.js
IP 2.18.173.74:0
File type ASCII text, with very long lines (1595)
Hash 8f606c42085e2c7e068bf1db9d4dbabd
d4a4152ffac5e77d29c612df2d8f9d47e75220d4
1e835b2d35736b92e207debae64a075d3bd5a7430017719627574249128d5a68
GET /outbrain.js HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
x-traceid: c59c1d181c69febdda577af8ceecac40
cache-control: max-age=14400
last-modified: Thu, 01 Dec 2022 07:12:37 GMT
etag: "16-ciUntsc9Pt9/C80/5SgJdhveKcE"
vary: Accept-Encoding
content-encoding: gzip
content-length: 75929
date: Fri, 02 Dec 2022 00:36:00 GMT
edge-cache-tag: widget-cheetah
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
eb2.3lift.com/sync?max=10&cb=59853
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/sync?max=10&cb=59853
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync?max=10&cb=59853 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e53bb8387ca9b101ed40339e2578e229
3d1fd0f30606271d144d87f3d40020f5e69b91e7
c66ddb124d99935fff477ff1d0b03ee4bd33a916e66a374635a12330ae49d159
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 510
Cache-Control: max-age=168347
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:01 GMT
Etag: "6389350e-139"
Expires: Sat, 03 Dec 2022 23:21:48 GMT
Last-Modified: Thu, 01 Dec 2022 23:13:18 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
api.purpleads.io/x/a/winner?ts=1669941358857
52.204.242.76200 OK 313 B URL HTTP/2 api.purpleads.io/x/a/winner?ts=1669941358857
IP 52.204.242.76:0
Hash e53bb8387ca9b101ed40339e2578e229
3d1fd0f30606271d144d87f3d40020f5e69b91e7
c66ddb124d99935fff477ff1d0b03ee4bd33a916e66a374635a12330ae49d159
OPTIONS /x/a/winner?ts=1669941358857 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: bce4b665-059f-4206-adc0-78da37683873
X-Firefox-Spdy: h2
tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=8wCotIxh%5FjfxEPkh54RR0dYrUlNH7DpO%2DcJH1fsfposNQHp4BSGbBTBDo5TFt7J8MnFKqFGumHFqExsmu%5FkbDz1o%2DBfrz1hKaD2BlSUAe42aR%2DfvNiZvXDU9zOYiVW%2DQrrVfgIuZOfj%2DfSQthDE2A3Jy6HAlsGDjwKjsCqm%5FqzV5HpaOP%2Ds%2DCnlwuPWmrF%5Frr42UN75XSz0eanVADAeDSboS0011W3U86%5Fp57QWcbIzULgPUTs0tRA3rCbnXcOkRz3s3JIXzGnaPlfGYn19kILGbrrjfP7bgIK07dRF0T2dVRJini7C9HySF%5FU%2D16Xpv2fcrAbNoGuilVtSgXYyaDO%5FPro79RKxJPy52DL3z23JfGMQO%2Dbbp96Nw%2DQR%5Fmf%2Dp1wL6UjwCtEcfcA3jRrwTmyLBnyosYoKV3I3W9rO2RvGVClUVkzdI07X0io1hHSsVe80&size=970x90&wp=0%2E023&bd=OBT&d=1
154.51.131.137200 OK 144 B URL HTTP/2 tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=8wCotIxh%5FjfxEPkh54RR0dYrUlNH7DpO%2DcJH1fsfposNQHp4BSGbBTBDo5TFt7J8MnFKqFGumHFqExsmu%5FkbDz1o%2DBfrz1hKaD2BlSUAe42aR%2DfvNiZvXDU9zOYiVW%2DQrrVfgIuZOfj%2DfSQthDE2A3Jy6HAlsGDjwKjsCqm%5FqzV5HpaOP%2Ds%2DCnlwuPWmrF%5Frr42UN75XSz0eanVADAeDSboS0011W3U86%5Fp57QWcbIzULgPUTs0tRA3rCbnXcOkRz3s3JIXzGnaPlfGYn19kILGbrrjfP7bgIK07dRF0T2dVRJini7C9HySF%5FU%2D16Xpv2fcrAbNoGuilVtSgXYyaDO%5FPro79RKxJPy52DL3z23JfGMQO%2Dbbp96Nw%2DQR%5Fmf%2Dp1wL6UjwCtEcfcA3jRrwTmyLBnyosYoKV3I3W9rO2RvGVClUVkzdI07X0io1hHSsVe80&size=970x90&wp=0%2E023&bd=OBT&d=1
IP 154.51.131.137:0
File type ASCII text, with no line terminators
Hash d45013d657142c297ef663156e1ef6ff
6f849481151f70f36ed3ce025573945893db0c9d
a754969f42738801be2ef332742b3fea538bba504a263a80faabf7bb75fddb8a
GET /rtb/?pname=hb_result_v3&impdata=8wCotIxh%5FjfxEPkh54RR0dYrUlNH7DpO%2DcJH1fsfposNQHp4BSGbBTBDo5TFt7J8MnFKqFGumHFqExsmu%5FkbDz1o%2DBfrz1hKaD2BlSUAe42aR%2DfvNiZvXDU9zOYiVW%2DQrrVfgIuZOfj%2DfSQthDE2A3Jy6HAlsGDjwKjsCqm%5FqzV5HpaOP%2Ds%2DCnlwuPWmrF%5Frr42UN75XSz0eanVADAeDSboS0011W3U86%5Fp57QWcbIzULgPUTs0tRA3rCbnXcOkRz3s3JIXzGnaPlfGYn19kILGbrrjfP7bgIK07dRF0T2dVRJini7C9HySF%5FU%2D16Xpv2fcrAbNoGuilVtSgXYyaDO%5FPro79RKxJPy52DL3z23JfGMQO%2Dbbp96Nw%2DQR%5Fmf%2Dp1wL6UjwCtEcfcA3jRrwTmyLBnyosYoKV3I3W9rO2RvGVClUVkzdI07X0io1hHSsVe80&size=970x90&wp=0%2E023&bd=OBT&d=1 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: 7thMile=5fd269fd%2D2604%2D4949%2D9c6f%2D2376ddddd46d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
srg-x: x-.136
x-powered-by: ARR/3.0
date: Fri, 02 Dec 2022 00:36:00 GMT
content-length: 144
X-Firefox-Spdy: h2
ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
54.230.111.101200 OK 3.1 kB URL HTTP/2 ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
IP 54.230.111.101:0
File type PNG image data, 19 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash ddf020e069f1706b72b7698b28fede09
a069c14bec652f1d6a531b80303db51deee27eef
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
GET /static/buttons/edaa/OBA_TRANS.png HTTP/1.1
Host: ib.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3125
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 30 Nov 2022 20:06:08 GMT
cache-control: max-age=604800,s-maxage=604800,public
etag: "ddf020e069f1706b72b7698b28fede09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _otc6lHQ7dkXMMtn8Df3cEYfAoZZhWLQrOqNtvhu8vwlhqk7y4dyzw==
age: 102593
X-Firefox-Spdy: h2
ib.3lift.com/static/buttons/edaa/OBA_UK.png
54.230.111.101200 OK 3.5 kB URL HTTP/2 ib.3lift.com/static/buttons/edaa/OBA_UK.png
IP 54.230.111.101:0
File type PNG image data, 72 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ceab27af00fa466072a3c3360041755
c1bc3497b095a637bef430169af3b48fae3a71e2
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
GET /static/buttons/edaa/OBA_UK.png HTTP/1.1
Host: ib.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3518
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Dec 2022 06:39:56 GMT
cache-control: max-age=604800,s-maxage=604800,public
etag: "7ceab27af00fa466072a3c3360041755"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rPz9nwdqQTLSXT5mQYO-A4Jb9MzQQ30-EN1BnERtI-Rt6Rl2plBk1w==
age: 64566
X-Firefox-Spdy: h2
eb2.3lift.com/r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&pr=un&bc=AAABhNBC9goQMu_VW22qCQeuImNtmbl4jKXIxA%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=18807
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&pr=un&bc=AAABhNBC9goQMu_VW22qCQeuImNtmbl4jKXIxA%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=18807
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&pr=un&bc=AAABhNBC9goQMu_VW22qCQeuImNtmbl4jKXIxA%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=18807 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
104.26.8.169200 OK 23 kB IP 104.26.8.169:0
File type ASCII text, with very long lines (65354)
Hash 518406308d7ec0e567ebc3919915485b
1d2a8eaab86fae5251d4f771db120344ef0d5097
a3ef45e597a48d69091265327c283a090a61a5950aa8bbdfd1360cf611d799d8
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: application/javascript
x-amz-id-2: 6PeMiMauwVpaIa7ZXWsIZE4fYPuBp4wCgfDclWCkL8EsnXeWlayXOVWt7Enwf8ldl7u/ig+6zXQ=
x-amz-request-id: JCYNYTZYG1ZDMXWB
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 22 Nov 2022 09:44:15 GMT
etag: W/"c56b6332dacf72f135afcd153ae22448"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 830815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAkI9ZVfq1aOWwVW5nz9KdW3HgH3%2FMGlMBS3fF%2FnReg92Y8xhLarFZkJpMcisNjQQn8rS0laMgIr5M1PwjtEI9P6Szw1xakf3D3mk8bkLj4m4TrAdOkG70uy8rOM6at2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc5bbc07b506-OSL
content-encoding: br
X-Firefox-Spdy: h2
eb2.3lift.com/ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&cta_render_method=1&cta_render_text=&cb=91639
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&cta_render_method=1&cta_render_text=&cb=91639
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&cta_render_method=1&cta_render_text=&cb=91639 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
eb2.3lift.com/dr?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=74197
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/dr?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=74197
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /dr?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=74197 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
eb2.3lift.com/r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&pr=un&bc=AAABhNBC9cifmvXNg_urnrt4mAwsWhTZmTpE3w%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=41451
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&pr=un&bc=AAABhNBC9cifmvXNg_urnrt4mAwsWhTZmTpE3w%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=41451
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&pr=un&bc=AAABhNBC9cifmvXNg_urnrt4mAwsWhTZmTpE3w%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=41451 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
tlx.3lift.com/header/notify?px=1&pr=0.008&ts=1669941360&aid=29696546391787901467520&ec=2711_67911_11235855&n=GpAFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD04U0t2YUNXX0p3MHVPUGM1b0Q3Nld6eDZKSUsxX0ViUXJfSEJpYVU2XzFaS2tzaWhLaGt3dDJuSVlDa3Z6ZldLOXRTeWVKb09vZUlfUV8wZHY3WWlHa3RvVWR0TXBRTzYwd2czZTFyN2FWOWNGZEFoQmhocEc3S2E3Q05oU2hPdDZQc3c0eUFfN2kzOXZjRGVBcFZ2aXdLV0stSEE5ZW5hUFN0RUJaNFdObzhhUFJfdVg2TTFfbDY1Z3NTdWc0OXptbWJqWFFxSzNjdXA0dFBJUVFNajZ2eHlwRU5rel9yNUtHdXk5SjY3X1gtamxPUzBWaXAyMEZ4UkVGOFBQcW1vY0Z5NFE4MDBYb2FGdkVybGl4MXpMRXBJOHRMMW9VSzljQWZuNGtkanYwcnNWblZSbzZ3aVlGYV81bXZvSEVJbVRSSzl0MXFvdDN5cTV2N1lyZ204cW9uNTlId0cteEFhVVpVUm1JUjg2OHR4bkhCV25qc2p5LVBSN0lnRjNyaklXZEluNHY3ZFRpOUJVVF9mTXpVcjRrU0w5LVpfengyQWswSEtoVFljTzRjWXVkSDN6MUg3WVo0d21uLURjWWVvMmpqc204dEIxd05HclladjdOMWtYR3YxemZ4T3BPRkVENGdJRzhLX2lRQmp4b3JFMlk1bGJsd3ExS1FGYkxGSWQ3a252VFZZZ0I4SlM3VHlIemM3WklWaUZpSk9Qa0hQTnVFSnlQQkVKcjhfSDFxZ3c3YjFJdHdaRkstcFV1T2zyAr4BCAASFzI5Njk2NTQ2MzkxNzg3OTAxNDY3NTIwGAAgASiXFTDHkgRAAUgAUAFgCmgAcKqJHZABAJgBAKgBALgBBcABCMgBCvABAPgBCoACCJECAAAAAAAA8D%2BZAsP1KFyPwsU%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgC%2FziAA6ABiAPYBJADAJgDAKADALgDhsUCyAMA0gMIMTEyMzU4NTXgA4O7gSnpAwAAAAAAAAAA8AMK%2BQMAAAAAAAAAAPgCDIgDAJIDBDAxM2KYAwCgA%2B7BEagDAA%3D%3D&b=1
3.64.191.9200 OK 37 B URL HTTP/2 tlx.3lift.com/header/notify?px=1&pr=0.008&ts=1669941360&aid=29696546391787901467520&ec=2711_67911_11235855&n=GpAFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD04U0t2YUNXX0p3MHVPUGM1b0Q3Nld6eDZKSUsxX0ViUXJfSEJpYVU2XzFaS2tzaWhLaGt3dDJuSVlDa3Z6ZldLOXRTeWVKb09vZUlfUV8wZHY3WWlHa3RvVWR0TXBRTzYwd2czZTFyN2FWOWNGZEFoQmhocEc3S2E3Q05oU2hPdDZQc3c0eUFfN2kzOXZjRGVBcFZ2aXdLV0stSEE5ZW5hUFN0RUJaNFdObzhhUFJfdVg2TTFfbDY1Z3NTdWc0OXptbWJqWFFxSzNjdXA0dFBJUVFNajZ2eHlwRU5rel9yNUtHdXk5SjY3X1gtamxPUzBWaXAyMEZ4UkVGOFBQcW1vY0Z5NFE4MDBYb2FGdkVybGl4MXpMRXBJOHRMMW9VSzljQWZuNGtkanYwcnNWblZSbzZ3aVlGYV81bXZvSEVJbVRSSzl0MXFvdDN5cTV2N1lyZ204cW9uNTlId0cteEFhVVpVUm1JUjg2OHR4bkhCV25qc2p5LVBSN0lnRjNyaklXZEluNHY3ZFRpOUJVVF9mTXpVcjRrU0w5LVpfengyQWswSEtoVFljTzRjWXVkSDN6MUg3WVo0d21uLURjWWVvMmpqc204dEIxd05HclladjdOMWtYR3YxemZ4T3BPRkVENGdJRzhLX2lRQmp4b3JFMlk1bGJsd3ExS1FGYkxGSWQ3a252VFZZZ0I4SlM3VHlIemM3WklWaUZpSk9Qa0hQTnVFSnlQQkVKcjhfSDFxZ3c3YjFJdHdaRkstcFV1T2zyAr4BCAASFzI5Njk2NTQ2MzkxNzg3OTAxNDY3NTIwGAAgASiXFTDHkgRAAUgAUAFgCmgAcKqJHZABAJgBAKgBALgBBcABCMgBCvABAPgBCoACCJECAAAAAAAA8D%2BZAsP1KFyPwsU%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgC%2FziAA6ABiAPYBJADAJgDAKADALgDhsUCyAMA0gMIMTEyMzU4NTXgA4O7gSnpAwAAAAAAAAAA8AMK%2BQMAAAAAAAAAAPgCDIgDAJIDBDAxM2KYAwCgA%2B7BEagDAA%3D%3D&b=1
IP 3.64.191.9:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /header/notify?px=1&pr=0.008&ts=1669941360&aid=29696546391787901467520&ec=2711_67911_11235855&n=GpAFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD04U0t2YUNXX0p3MHVPUGM1b0Q3Nld6eDZKSUsxX0ViUXJfSEJpYVU2XzFaS2tzaWhLaGt3dDJuSVlDa3Z6ZldLOXRTeWVKb09vZUlfUV8wZHY3WWlHa3RvVWR0TXBRTzYwd2czZTFyN2FWOWNGZEFoQmhocEc3S2E3Q05oU2hPdDZQc3c0eUFfN2kzOXZjRGVBcFZ2aXdLV0stSEE5ZW5hUFN0RUJaNFdObzhhUFJfdVg2TTFfbDY1Z3NTdWc0OXptbWJqWFFxSzNjdXA0dFBJUVFNajZ2eHlwRU5rel9yNUtHdXk5SjY3X1gtamxPUzBWaXAyMEZ4UkVGOFBQcW1vY0Z5NFE4MDBYb2FGdkVybGl4MXpMRXBJOHRMMW9VSzljQWZuNGtkanYwcnNWblZSbzZ3aVlGYV81bXZvSEVJbVRSSzl0MXFvdDN5cTV2N1lyZ204cW9uNTlId0cteEFhVVpVUm1JUjg2OHR4bkhCV25qc2p5LVBSN0lnRjNyaklXZEluNHY3ZFRpOUJVVF9mTXpVcjRrU0w5LVpfengyQWswSEtoVFljTzRjWXVkSDN6MUg3WVo0d21uLURjWWVvMmpqc204dEIxd05HclladjdOMWtYR3YxemZ4T3BPRkVENGdJRzhLX2lRQmp4b3JFMlk1bGJsd3ExS1FGYkxGSWQ3a252VFZZZ0I4SlM3VHlIemM3WklWaUZpSk9Qa0hQTnVFSnlQQkVKcjhfSDFxZ3c3YjFJdHdaRkstcFV1T2zyAr4BCAASFzI5Njk2NTQ2MzkxNzg3OTAxNDY3NTIwGAAgASiXFTDHkgRAAUgAUAFgCmgAcKqJHZABAJgBAKgBALgBBcABCMgBCvABAPgBCoACCJECAAAAAAAA8D%2BZAsP1KFyPwsU%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgC%2FziAA6ABiAPYBJADAJgDAKADALgDhsUCyAMA0gMIMTEyMzU4NTXgA4O7gSnpAwAAAAAAAAAA8AMK%2BQMAAAAAAAAAAPgCDIgDAJIDBDAxM2KYAwCgA%2B7BEagDAA%3D%3D&b=1 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
api.purpleads.io/x/v/?ts=1669941358879
52.204.242.76200 OK 37 B URL HTTP/2 api.purpleads.io/x/v/?ts=1669941358879
IP 52.204.242.76:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
OPTIONS /x/v/?ts=1669941358879 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: ceb4898c-d037-4748-83f6-bc2ed517d87d
X-Firefox-Spdy: h2
widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
2.18.173.74200 OK 43 B URL HTTP/2 widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
IP 2.18.173.74:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /widget/detect/px.gif?ch=1 HTTP/1.1
Host: widget-pixels.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 43
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
cache-control: max-age=2592000
expires: Sun, 01 Jan 2023 00:36:01 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
eb2.3lift.com/ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&cta_render_method=1&cta_render_text=&cb=19683
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&cta_render_method=1&cta_render_text=&cb=19683
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&cta_render_method=1&cta_render_text=&cb=19683 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
eb2.3lift.com/ev1?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&pr=0.008&bc=AAABhNBC9goQMu_VW22qCQeuImNtmbl4jKXIxA%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=71920
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/ev1?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&pr=0.008&bc=AAABhNBC9goQMu_VW22qCQeuImNtmbl4jKXIxA%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=71920
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /ev1?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&pr=0.008&bc=AAABhNBC9goQMu_VW22qCQeuImNtmbl4jKXIxA%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=71920 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
eb2.3lift.com/aop?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&pr=un&bc=AAABhNBC9cifmvXNg_urnrt4mAwsWhTZmTpE3w%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=38453
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/aop?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&pr=un&bc=AAABhNBC9cifmvXNg_urnrt4mAwsWhTZmTpE3w%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=38453
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /aop?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&pr=un&bc=AAABhNBC9cifmvXNg_urnrt4mAwsWhTZmTpE3w%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=38453 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
eb2.3lift.com/dr?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=63418
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/dr?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=63418
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /dr?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=63418 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
platform.bidgear.com/ads.php?domainid=2175&sizeid=3&zoneid=5787
104.26.3.107200 OK 33 kB URL HTTP/2 platform.bidgear.com/ads.php?domainid=2175&sizeid=3&zoneid=5787
IP 104.26.3.107:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1380), with no line terminators
Hash ab584cc0983c85084fd0934db35260f9
8aca9425a1a6839fe466615b34b8c84f9992f44c
b1ebeef58a92da9552fc397ad01551158071579dd99c30a2fe6f763c7bc99c98
GET /ads.php?domainid=2175&sizeid=3&zoneid=5787 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:58 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z24LgTeBXq1dPQ1V8Yzz25R8Q06Drd4vng%2FzAAaMAF7WSycUGfa7RgOb2cwj4PWxi%2BpORUFPc%2FsVQJkVhDHd3nKDRXHjeeQ7MNx67opkfK8z029x9yA5V3qtQw%2FWzxcRd1pt7YbR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc53284fb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
tcheck.outbrainimg.com/tcheck/check/d3d3LmRyYW1hY29vbDkuY28=
2.18.173.172200 OK 16 B URL HTTP/1.1 tcheck.outbrainimg.com/tcheck/check/d3d3LmRyYW1hY29vbDkuY28=
IP 2.18.173.172:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ce08a60aa308225db15c98edf4ae2447
bacf25489bad0312aa2f37fc735fa7e57b2d7306
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
GET /tcheck/check/d3d3LmRyYW1hY29vbDkuY28= HTTP/1.1
Host: tcheck.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 16
X-TraceId: f206b7fea235fb17fdf5c24c38ee556a
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Cache-Control: max-age=28445
Expires: Fri, 02 Dec 2022 08:30:06 GMT
Date: Fri, 02 Dec 2022 00:36:01 GMT
Connection: keep-alive
Access-Control-Max-Age: 43200
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
api.purpleads.io/x/v/?demand=unifiedPb&ts=1669941359356
52.204.242.76200 OK 0 B URL HTTP/2 api.purpleads.io/x/v/?demand=unifiedPb&ts=1669941359356
IP 52.204.242.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/v/?demand=unifiedPb&ts=1669941359356 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 63f2dd16-7b54-4eba-8ef7-680e08021374
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 71cfb0d515178ddb8f4ff5a3c4d7f95a
35dff6eed87807a50f6f2cbdca6015d8419551be
c88dfa7b36b0b6eb14aab6d3d8c06020c7d281b3bffec17303946778e99b6e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 822
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:01 GMT
Last-Modified: Fri, 02 Dec 2022 00:22:19 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 71cfb0d515178ddb8f4ff5a3c4d7f95a
35dff6eed87807a50f6f2cbdca6015d8419551be
c88dfa7b36b0b6eb14aab6d3d8c06020c7d281b3bffec17303946778e99b6e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 811
Cache-Control: max-age=163249
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:01 GMT
Etag: "63891ff7-139"
Expires: Sat, 03 Dec 2022 21:56:50 GMT
Last-Modified: Thu, 01 Dec 2022 21:43:19 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 71cfb0d515178ddb8f4ff5a3c4d7f95a
35dff6eed87807a50f6f2cbdca6015d8419551be
c88dfa7b36b0b6eb14aab6d3d8c06020c7d281b3bffec17303946778e99b6e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 817
Cache-Control: max-age=163255
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:01 GMT
Etag: "63891ff7-139"
Expires: Sat, 03 Dec 2022 21:56:56 GMT
Last-Modified: Thu, 01 Dec 2022 21:43:19 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 62312b68850d002d64ac008aecf73dec
ef9a55ada7d8934bdb2e146b0ca8b389eca373fb
6f5da1a3fa5cdab84ab6efc3b9dd0dcf7532851bc7648c8c9a8ebc73a5e6c8d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 358
Cache-Control: max-age=110593
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:01 GMT
Etag: "6388540c-13a"
Expires: Sat, 03 Dec 2022 07:19:14 GMT
Last-Modified: Thu, 01 Dec 2022 07:13:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
api.purpleads.io/x/a/winner?ts=1669941358867
52.204.242.76200 OK 293 B URL HTTP/2 api.purpleads.io/x/a/winner?ts=1669941358867
IP 52.204.242.76:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
OPTIONS /x/a/winner?ts=1669941358867 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 77bf4305-4b83-4607-8426-7451a44c3cde
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.0.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Mon, 27 Nov 2023 00:36:01 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 600a0b46f63ff46b0ab01cefb789d46b
e3c4ea4a38efdfe8637bbbdf77a21ffb6508ec7f
7a5355d9c1a3d3abfa4231c164a55570c6723383203547627fa05b094f15384e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 681
Cache-Control: max-age=126744
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:01 GMT
Etag: "638891e0-13a"
Expires: Sat, 03 Dec 2022 11:48:25 GMT
Last-Modified: Thu, 01 Dec 2022 11:37:04 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 600a0b46f63ff46b0ab01cefb789d46b
e3c4ea4a38efdfe8637bbbdf77a21ffb6508ec7f
7a5355d9c1a3d3abfa4231c164a55570c6723383203547627fa05b094f15384e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 700
Cache-Control: max-age=126763
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:01 GMT
Etag: "638891e0-13a"
Expires: Sat, 03 Dec 2022 11:48:44 GMT
Last-Modified: Thu, 01 Dec 2022 11:37:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 600a0b46f63ff46b0ab01cefb789d46b
e3c4ea4a38efdfe8637bbbdf77a21ffb6508ec7f
7a5355d9c1a3d3abfa4231c164a55570c6723383203547627fa05b094f15384e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 725
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:01 GMT
Last-Modified: Fri, 02 Dec 2022 00:23:56 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 600a0b46f63ff46b0ab01cefb789d46b
e3c4ea4a38efdfe8637bbbdf77a21ffb6508ec7f
7a5355d9c1a3d3abfa4231c164a55570c6723383203547627fa05b094f15384e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 681
Cache-Control: max-age=126744
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:01 GMT
Etag: "638891e0-13a"
Expires: Sat, 03 Dec 2022 11:48:25 GMT
Last-Modified: Thu, 01 Dec 2022 11:37:04 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 600a0b46f63ff46b0ab01cefb789d46b
e3c4ea4a38efdfe8637bbbdf77a21ffb6508ec7f
7a5355d9c1a3d3abfa4231c164a55570c6723383203547627fa05b094f15384e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 700
Cache-Control: max-age=126763
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:01 GMT
Etag: "638891e0-13a"
Expires: Sat, 03 Dec 2022 11:48:44 GMT
Last-Modified: Thu, 01 Dec 2022 11:37:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
static.criteo.net/animejs/animejs.js
178.250.0.130200 OK 14 kB URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.0.130:0
Hash 66d3e1060947eadf26e1960189934f80
95de19e9ff4b8126808fa965cc1c94975ece0924
61924bffad9ec31aef3dbbbf10d9cab19cdeb94c2a3c7102504816a3321c5d74
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Mon, 27 Nov 2023 00:36:01 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsteve-madden%2F1300x1700%2Fsmnsm11001651_cblackleather.jpg&v=3&w=400&s=P8XjtzP-SZ44oig2MFKvqUsX&b=400
178.250.2.135200 OK 4.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsteve-madden%2F1300x1700%2Fsmnsm11001651_cblackleather.jpg&v=3&w=400&s=P8XjtzP-SZ44oig2MFKvqUsX&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 296x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 44907eccab558702404bbaa8ad52e823
9f650ccde5ce3e11dbf07ea43d5c03717f03ad42
475ab600905be5de5fb58dfa2a239dac0818888d0c8400ca882a4e5599fae68d
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsteve-madden%2F1300x1700%2Fsmnsm11001651_cblackleather.jpg&v=3&w=400&s=P8XjtzP-SZ44oig2MFKvqUsX&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29476525
expires: Wed, 08 Nov 2023 04:31:27 GMT
date: Fri, 02 Dec 2022 00:36:00 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4314
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgulliver%2F1300x1700%2Fgul4309331_cwhite.jpg&v=3&w=400&s=7X4R_qoJZuO96Pu1cFlpKwP_&b=400
178.250.2.135200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgulliver%2F1300x1700%2Fgul4309331_cwhite.jpg&v=3&w=400&s=7X4R_qoJZuO96Pu1cFlpKwP_&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 332x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b31042dab44c1d9824dbe74f1444309f
4cbd285bb5cb46b697cd96a930c5a648019137d4
62299530e7d72e98303173086d609cf31d8e7fb5147cbb11fe46279d1ce4ef01
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgulliver%2F1300x1700%2Fgul4309331_cwhite.jpg&v=3&w=400&s=7X4R_qoJZuO96Pu1cFlpKwP_&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29492321
expires: Wed, 08 Nov 2023 08:54:43 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14664
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgabor%2F1300x1700%2Fgab8644931_cothercolours.jpg&v=3&w=400&s=2Y5brryHsJSG6q7Z7QWKIrnO&b=400
178.250.2.135200 OK 8.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgabor%2F1300x1700%2Fgab8644931_cothercolours.jpg&v=3&w=400&s=2Y5brryHsJSG6q7Z7QWKIrnO&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 905ed0fcb99e957af2607860f6b2a3fe
3b917d256ce0fc1cede92e26c1af837eb0182932
78f7fa513bf5b1e0c1538d4698ed597f966314e3bbc4172f9927873790cdd7a8
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgabor%2F1300x1700%2Fgab8644931_cothercolours.jpg&v=3&w=400&s=2Y5brryHsJSG6q7Z7QWKIrnO&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30527042
expires: Mon, 20 Nov 2023 08:20:03 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8460
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftretorn%2F1300x1700%2Ftre473379_c010black_v10.jpg&v=3&w=400&s=_BfZwnSTI9PkajymIaa7OX7c&b=400
178.250.2.135200 OK 9.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftretorn%2F1300x1700%2Ftre473379_c010black_v10.jpg&v=3&w=400&s=_BfZwnSTI9PkajymIaa7OX7c&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x392, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 376dc3e36b95cda1d1898bc8f1466bdb
37c4360a8fffb621d27806a12720867acb10cae6
0dc5bcc78f09ced238f7649fa55e78222f9f4ca9ac89cd79f61f4e35be6b0ee3
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftretorn%2F1300x1700%2Ftre473379_c010black_v10.jpg&v=3&w=400&s=_BfZwnSTI9PkajymIaa7OX7c&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29306301
expires: Mon, 06 Nov 2023 05:14:23 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8966
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
goomaphy.com/impression/halKDaLFlQ2-xF8sbS7eyeRWbH63E3GhC_3qWCcJgbDZuV_7_FdQkm-9aP-ROpPhscxz4BvICDucQ7K4fAF7BAh42QiuV_oJTzXsaUpAu6UQmMCzdpI4MCAcpLRQS2JvgZteUD-Lr_5OQ88yxyWwpK8HbsRYjuv77MWrnOWe3Aj6SuvZtsg1vNwJZFqeJPnYcuBm-TM-JVGE5Dq3VItZwzhliFumqcCatMjwjFYvFvsi6LeQI5Q2GHvvCzhSqOVq_DeGqjpdrj49Lasd4GtXIdoGoqVAtjLwqN33QMGRLHWqQM_UyuUkLT27fUz_4WhSATW2etAL8Z1b13pAw-ZoaR8MafrI8auQ0iSUk0nI9Zl5Nr-vvAkfcwCtHmkJw7AtvNpOua0yji1MlMUfsSz-yczFx9atfubGBNoU96kIiEEPyiZGliFrZt2pOPYDlou-WzYXFP9dCzNtR8WNjvB0D1YW_xlutT-n4cMxNdTZYI-68tInJKW6U-Lac4baZ1S5A5LOigIGDcKRUDGYOE_2Kehw9zul6acRHqwA_PMa8vfq-2AIu0Yphw6tLQfo2wvNRJ38SgxNb3LZJ273tQwCYp_6z51bddWDDQ_Yng==?_z=5287605&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 goomaphy.com/impression/halKDaLFlQ2-xF8sbS7eyeRWbH63E3GhC_3qWCcJgbDZuV_7_FdQkm-9aP-ROpPhscxz4BvICDucQ7K4fAF7BAh42QiuV_oJTzXsaUpAu6UQmMCzdpI4MCAcpLRQS2JvgZteUD-Lr_5OQ88yxyWwpK8HbsRYjuv77MWrnOWe3Aj6SuvZtsg1vNwJZFqeJPnYcuBm-TM-JVGE5Dq3VItZwzhliFumqcCatMjwjFYvFvsi6LeQI5Q2GHvvCzhSqOVq_DeGqjpdrj49Lasd4GtXIdoGoqVAtjLwqN33QMGRLHWqQM_UyuUkLT27fUz_4WhSATW2etAL8Z1b13pAw-ZoaR8MafrI8auQ0iSUk0nI9Zl5Nr-vvAkfcwCtHmkJw7AtvNpOua0yji1MlMUfsSz-yczFx9atfubGBNoU96kIiEEPyiZGliFrZt2pOPYDlou-WzYXFP9dCzNtR8WNjvB0D1YW_xlutT-n4cMxNdTZYI-68tInJKW6U-Lac4baZ1S5A5LOigIGDcKRUDGYOE_2Kehw9zul6acRHqwA_PMa8vfq-2AIu0Yphw6tLQfo2wvNRJ38SgxNb3LZJ273tQwCYp_6z51bddWDDQ_Yng==?_z=5287605&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/halKDaLFlQ2-xF8sbS7eyeRWbH63E3GhC_3qWCcJgbDZuV_7_FdQkm-9aP-ROpPhscxz4BvICDucQ7K4fAF7BAh42QiuV_oJTzXsaUpAu6UQmMCzdpI4MCAcpLRQS2JvgZteUD-Lr_5OQ88yxyWwpK8HbsRYjuv77MWrnOWe3Aj6SuvZtsg1vNwJZFqeJPnYcuBm-TM-JVGE5Dq3VItZwzhliFumqcCatMjwjFYvFvsi6LeQI5Q2GHvvCzhSqOVq_DeGqjpdrj49Lasd4GtXIdoGoqVAtjLwqN33QMGRLHWqQM_UyuUkLT27fUz_4WhSATW2etAL8Z1b13pAw-ZoaR8MafrI8auQ0iSUk0nI9Zl5Nr-vvAkfcwCtHmkJw7AtvNpOua0yji1MlMUfsSz-yczFx9atfubGBNoU96kIiEEPyiZGliFrZt2pOPYDlou-WzYXFP9dCzNtR8WNjvB0D1YW_xlutT-n4cMxNdTZYI-68tInJKW6U-Lac4baZ1S5A5LOigIGDcKRUDGYOE_2Kehw9zul6acRHqwA_PMa8vfq-2AIu0Yphw6tLQfo2wvNRJ38SgxNb3LZJ273tQwCYp_6z51bddWDDQ_Yng==?_z=5287605&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: OAID=74727c1ee4f347b18d0f6fd1cd8bf93c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/gif
content-length: 43
x-trace-id: 66a0bda21f4ff160e2c2bc6edf83dcaa
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbilli-bi%2F1300x1700%2Fbbia4767_c373872641.jpg&v=3&w=400&s=yp_1Ma-QIlanHlswuyIWrSt9&b=400
178.250.2.135200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbilli-bi%2F1300x1700%2Fbbia4767_c373872641.jpg&v=3&w=400&s=yp_1Ma-QIlanHlswuyIWrSt9&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 348x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7e5fc66ea5843486cce7e3dadb0bfd66
bdf3be3b1072ed6f9fb3746be4ff15bcea6f7b97
24a615a0e17fb9d0123a48ef4a08a0877b0c4565ca547160e6a45ed0df882729
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbilli-bi%2F1300x1700%2Fbbia4767_c373872641.jpg&v=3&w=400&s=yp_1Ma-QIlanHlswuyIWrSt9&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29962207
expires: Mon, 13 Nov 2023 19:26:08 GMT
date: Fri, 02 Dec 2022 00:36:00 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14228
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgabor%2F1300x1700%2Fgab9562027_cblack.jpg&v=3&w=400&s=drFwT1FHKjbm2uNWaFd6UuJi&b=400
178.250.2.135200 OK 4.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgabor%2F1300x1700%2Fgab9562027_cblack.jpg&v=3&w=400&s=drFwT1FHKjbm2uNWaFd6UuJi&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 314x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 50c6ca01a4b8766120acefef431057c8
bfb7d34dceedaab1efe78cee185b8800bf2caf6e
dfb3b89a9d8bf0c7c198e9bf2a6378e2a37a7aa5916c96a1e89b9dacb28e9aa1
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgabor%2F1300x1700%2Fgab9562027_cblack.jpg&v=3&w=400&s=drFwT1FHKjbm2uNWaFd6UuJi&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29397517
expires: Tue, 07 Nov 2023 06:34:39 GMT
date: Fri, 02 Dec 2022 00:36:00 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4472
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=N61iHYqAK5W6DTHZxRSAYnmO
178.250.2.135200 OK 84 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=N61iHYqAK5W6DTHZxRSAYnmO
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash babac81dc2e4da2b8343e7d76bbbb357
c89b8eaf661b9220a82f950997eaaa899dd69ea2
5ba6a375ea3c3582d4aa716da8602fb2551bc8b2dcbfc1b8f5913f49f9466e70
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F6b2cbc591def47e4ac7422e5a028f464_800x1200_no.png&v=3&w=1200&s=N61iHYqAK5W6DTHZxRSAYnmO HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31048123
expires: Sun, 26 Nov 2023 09:04:44 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 84090
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=76&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=DLwx-mknMWEboNKRNcTgceP-
178.250.2.135200 OK 2.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=76&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=DLwx-mknMWEboNKRNcTgceP-
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 202x76, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7f58fb2e416c7ff2cec3c25d249d424d
ab8b97c07381c9c0b71bb1f71b83c359df3eaee3
3ddf75832e537b8ad21b428faa9a979bc4675460ebe3b125e9057b15938a0183
GET /img/img?h=76&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=DLwx-mknMWEboNKRNcTgceP- HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31048123
expires: Sun, 26 Nov 2023 09:04:44 GMT
date: Fri, 02 Dec 2022 00:36:00 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2088
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fjohaug%2F1300x1700%2Fjoh220435_cevebl_vevebl.jpg&v=3&w=400&s=iGOznZJBFpHjmGUrIhrXIO7K&b=400
178.250.2.135200 OK 3.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fjohaug%2F1300x1700%2Fjoh220435_cevebl_vevebl.jpg&v=3&w=400&s=iGOznZJBFpHjmGUrIhrXIO7K&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 243x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 310b0c238f7a09cf1fb7a2f71a81ea63
7767a0179d50fd29cf8508d118d97932e041921d
8d0e44e71ef7fcdd40b6382598490e9d6ee5aeb42dacd5e100f445ba5fc2cdc5
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fjohaug%2F1300x1700%2Fjoh220435_cevebl_vevebl.jpg&v=3&w=400&s=iGOznZJBFpHjmGUrIhrXIO7K&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31387742
expires: Thu, 30 Nov 2023 07:25:03 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3820
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400
178.250.2.135200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x336, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a038be7d3e6d4838b4a63bd8daa28a1e
81f01b450467dfc5a96a6077358e42787edcb977
d9e7a945587d1dc06c2ed3c5734385cc6bf6d8e8de37b21da2530a03c2a76128
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29571202
expires: Thu, 09 Nov 2023 06:49:24 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10502
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fnicce%2F1300x1700%2Fcce1269w003_cblack_v0001.jpg&v=3&w=400&s=46BTaCmRZLvkfNutxQ2H548u&b=400
178.250.2.135200 OK 9.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fnicce%2F1300x1700%2Fcce1269w003_cblack_v0001.jpg&v=3&w=400&s=46BTaCmRZLvkfNutxQ2H548u&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 308x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0ab534c59e25276c9e2dc904bf18d283
2bc6bb80b165d9ea94552d4bae95d389cf5af5bf
98e99cc1e3d0ea4d9254db8b95e5a9369d65a3defa56f1166a2925c0849debda
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fnicce%2F1300x1700%2Fcce1269w003_cblack_v0001.jpg&v=3&w=400&s=46BTaCmRZLvkfNutxQ2H548u&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30263191
expires: Fri, 17 Nov 2023 07:02:33 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9852
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=108&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=316&s=TwSLFoHqVu_-AJaxU_Ozpn5I
178.250.2.135200 OK 2.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=108&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=316&s=TwSLFoHqVu_-AJaxU_Ozpn5I
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 287x108, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fa1111eafc5a519a57dab90bf652195c
b2b462a1efe5a836d1cefe472c3bc52089e81ba3
0030c72467d93e856298b7ae6e14826618bef94ab24aee1f7aa127b33164201c
GET /img/img?h=108&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=316&s=TwSLFoHqVu_-AJaxU_Ozpn5I HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31048122
expires: Sun, 26 Nov 2023 09:04:44 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2948
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftimberland%2F1300x1700%2Ftimtb0a41rp0151_cjetblack.jpg&v=3&w=400&s=DQLwqDFnIJV31Wnm6bDHkj8A&b=400
178.250.2.135200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftimberland%2F1300x1700%2Ftimtb0a41rp0151_cjetblack.jpg&v=3&w=400&s=DQLwqDFnIJV31Wnm6bDHkj8A&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x239, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dc80d129932761e635379c19d356d291
812144f80091a47861bc03cdcef1fa9b7368c399
0fee86ff364c61e7d0e271c41bbc3b7e8af198886f7f6a13afa1e3737628a6eb
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftimberland%2F1300x1700%2Ftimtb0a41rp0151_cjetblack.jpg&v=3&w=400&s=DQLwqDFnIJV31Wnm6bDHkj8A&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30785343
expires: Thu, 23 Nov 2023 08:05:05 GMT
date: Fri, 02 Dec 2022 00:36:00 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13088
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhummel%2F1300x1700%2Fhu038369_cblackgold.jpg&v=3&w=400&s=y6_KQDJyqQJRUK-XhfT3neZb&b=400
178.250.2.135200 OK 6.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhummel%2F1300x1700%2Fhu038369_cblackgold.jpg&v=3&w=400&s=y6_KQDJyqQJRUK-XhfT3neZb&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 285x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da98ae274fb4f289dac45e0480dfe9ed
b7780df9bd32b08e30d2d350327054b90c109d34
b66acff03453de5c0571b6b2cfba460ee22405a8e9787109615d98409e23c555
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fhummel%2F1300x1700%2Fhu038369_cblackgold.jpg&v=3&w=400&s=y6_KQDJyqQJRUK-XhfT3neZb&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29243460
expires: Sun, 05 Nov 2023 11:47:01 GMT
date: Fri, 02 Dec 2022 00:36:00 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6192
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcoster-copenhagen%2F1300x1700%2Fccnb3412_cdarkblue.jpg&v=3&w=400&s=ULxUlA_DipOglLv9apM3nYWe&b=400
178.250.2.135200 OK 2.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcoster-copenhagen%2F1300x1700%2Fccnb3412_cdarkblue.jpg&v=3&w=400&s=ULxUlA_DipOglLv9apM3nYWe&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 157x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8db2c8463c8a81d29844501204bc3226
fef8e53c61cb5d375332ba1a7469e5db3f416dd5
007bd43c6b28e8b89a70ef807f397411f14d9764f7dfda58f65e50ba02bbfd86
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcoster-copenhagen%2F1300x1700%2Fccnb3412_cdarkblue.jpg&v=3&w=400&s=ULxUlA_DipOglLv9apM3nYWe&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31301501
expires: Wed, 29 Nov 2023 07:27:43 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2414
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmoshi-moshi-mind%2F1300x1700%2Fmmm10546_cdaisyflower_v0122.jpg&v=3&w=400&s=D4JKsG8aYN5mJqDTaoNKX2eg&b=400
178.250.2.135200 OK 26 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmoshi-moshi-mind%2F1300x1700%2Fmmm10546_cdaisyflower_v0122.jpg&v=3&w=400&s=D4JKsG8aYN5mJqDTaoNKX2eg&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 224x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a67435bdd444044294849e9a417e7f54
cc9799ebb7966d08acb7115178017ac176310bc9
31851f28ff99357bb3b4c060bbebe457986dafa944edf40abb88588e7e649310
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmoshi-moshi-mind%2F1300x1700%2Fmmm10546_cdaisyflower_v0122.jpg&v=3&w=400&s=D4JKsG8aYN5mJqDTaoNKX2eg&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30870787
expires: Fri, 24 Nov 2023 07:49:08 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 26412
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flevis-kids%2F1300x1700%2Flksnp10117_cdressblues.jpg&v=3&w=400&s=RydAjC643mSDP5yVFGSWXArq&b=400
178.250.2.135200 OK 5.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flevis-kids%2F1300x1700%2Flksnp10117_cdressblues.jpg&v=3&w=400&s=RydAjC643mSDP5yVFGSWXArq&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 307x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d5a63d299c24cfd5d6bb86a3b9265e95
e6c86980f17b730426eae5756fc5a083903b10be
4100f5845c495d4c12a96913c76cfa4cf731199e13ccdb86c91cc14c17fdfe86
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flevis-kids%2F1300x1700%2Flksnp10117_cdressblues.jpg&v=3&w=400&s=RydAjC643mSDP5yVFGSWXArq&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31124450
expires: Mon, 27 Nov 2023 06:16:52 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5906
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmango%2F1300x1700%2Fman87042509_cdarkred_v75.jpg&v=3&w=400&s=qCFnkmvAIzngX66IBmyoT7WC&b=400
178.250.2.135200 OK 6.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmango%2F1300x1700%2Fman87042509_cdarkred_v75.jpg&v=3&w=400&s=qCFnkmvAIzngX66IBmyoT7WC&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x373, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 34668e8a3d057824af264e7061225d1a
c931114e7c613fa95700a8160660913b4f4ed35a
9697cdd011fff0726ab21ebb5e64ff7672415e40df0cdaf3dae8b3a3dd29db9c
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmango%2F1300x1700%2Fman87042509_cdarkred_v75.jpg&v=3&w=400&s=qCFnkmvAIzngX66IBmyoT7WC&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=28896079
expires: Wed, 01 Nov 2023 11:17:21 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6394
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1642149516_cdarkbrown.jpg&v=3&w=400&s=Y58HX3X143vIB1suRaIp7MCj&b=400
178.250.2.135200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1642149516_cdarkbrown.jpg&v=3&w=400&s=Y58HX3X143vIB1suRaIp7MCj&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x352, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3d85df67b07161255f629c92335100da
3eac39bbb7542614f7a4bfeca70e010b1eb50055
144a524285cc6bd7f312d439d03dab78f44629054d313186ee9cb718a29b6132
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1642149516_cdarkbrown.jpg&v=3&w=400&s=Y58HX3X143vIB1suRaIp7MCj&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31426885
expires: Thu, 30 Nov 2023 18:17:27 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12092
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruun-stengade%2F1300x1700%2Fbrs190213_carmy.jpg&v=3&w=400&s=4dRNmDboGGsXxOf5SP8kVmOr&b=400
178.250.2.135200 OK 2.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruun-stengade%2F1300x1700%2Fbrs190213_carmy.jpg&v=3&w=400&s=4dRNmDboGGsXxOf5SP8kVmOr&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 171x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1ae0b981b2692c23846d456830a34031
8914ecdffc52ca370e89ee8a0e4ea1babff47cd7
008777cb1a9c41226517153d645afea52c42edb265d1a28be53dd48c9cb795d9
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruun-stengade%2F1300x1700%2Fbrs190213_carmy.jpg&v=3&w=400&s=4dRNmDboGGsXxOf5SP8kVmOr&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29409095
expires: Tue, 07 Nov 2023 09:47:37 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2898
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fwolford%2F1300x1700%2Fwol50778_cblackblack.jpg&v=3&w=400&s=g7le1ILabY-pApbAK1tgIBBX&b=400
178.250.2.135200 OK 4.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fwolford%2F1300x1700%2Fwol50778_cblackblack.jpg&v=3&w=400&s=g7le1ILabY-pApbAK1tgIBBX&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 311x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c9fe6bb73f65af3ae45243db9d1814a0
316f2168b6df29299e33b41e869d090f45e256e7
8ee8644d20322a7496cac9273a861b3312c16877a6800592dec3a0c2057f7eae
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fwolford%2F1300x1700%2Fwol50778_cblackblack.jpg&v=3&w=400&s=g7le1ILabY-pApbAK1tgIBBX&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31480653
expires: Fri, 01 Dec 2023 09:13:35 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3968
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1642296804_ctan.jpg&v=3&w=400&s=W4sQbZF72KCRRlawCVsMzGt3&b=400
178.250.2.135200 OK 9.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1642296804_ctan.jpg&v=3&w=400&s=W4sQbZF72KCRRlawCVsMzGt3&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x363, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3124db44fa2a239959b0707d87bc34e9
f1879c4b2e063f9812a78e11023c5883fef2ef4f
9fb88e8b608c8f45da24af1cfac00f6ef7cead039f942537c833b6498bf9fd91
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1642296804_ctan.jpg&v=3&w=400&s=W4sQbZF72KCRRlawCVsMzGt3&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31049208
expires: Sun, 26 Nov 2023 09:22:50 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9788
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl86221_ccharcoalmelange_v90.jpg&v=3&w=400&s=Ncmo3FXTKYtEaPrlmYnleZHQ&b=400
178.250.2.135200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl86221_ccharcoalmelange_v90.jpg&v=3&w=400&s=Ncmo3FXTKYtEaPrlmYnleZHQ&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 337x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 28327b8f11b743b49bb13d5dec540f49
958227e5a641ccc5370c3de8e7248ef3f0f1d491
ff38758e20236b356b1ab44ce3c3c4dda68a73371e6b3e11eab5504244a3698f
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl86221_ccharcoalmelange_v90.jpg&v=3&w=400&s=Ncmo3FXTKYtEaPrlmYnleZHQ&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30304134
expires: Fri, 17 Nov 2023 18:24:56 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13666
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.0.130200 OK 15 kB URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (53175), with no line terminators
Hash 415ad3d0d7e483fa59bc58c84853b712
3bb46291b07a855647b69d9c16245758ad38c337
25b2e4a40760682537927b91b000dbcbd0fb1449c63a6b5684e6716c0dbf4a18
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Mon, 27 Nov 2023 00:36:01 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fwhyred%2F1300x1700%2Fwrco2011_cnavy.jpg&v=3&w=400&s=ruxUDsJLSw3uJDvo60jBl8C7&b=400
178.250.2.135200 OK 2.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fwhyred%2F1300x1700%2Fwrco2011_cnavy.jpg&v=3&w=400&s=ruxUDsJLSw3uJDvo60jBl8C7&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 159x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 539f872c149018a39599441031543b50
33cdd6d641cc05050ce9e90d66517b3dd3ffbd16
15c34e6bfdca35429e534929f3cc0e2d77c9a4db7a31c23ec6dab6e6bec3c020
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fwhyred%2F1300x1700%2Fwrco2011_cnavy.jpg&v=3&w=400&s=ruxUDsJLSw3uJDvo60jBl8C7&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29754488
expires: Sat, 11 Nov 2023 09:44:10 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2654
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fjockey%2F1300x1700%2Fjocj31560_cblue_v400.jpg&v=3&w=400&s=YyGzFALAHO3jeknjVYj2KaeQ&b=400
178.250.2.135200 OK 6.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fjockey%2F1300x1700%2Fjocj31560_cblue_v400.jpg&v=3&w=400&s=YyGzFALAHO3jeknjVYj2KaeQ&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bbc7de186f994016224d42f7b8343ae2
b9b0246167870ec44948e91c72da1387416e41f4
03e014c7e7f8f1ce32cd718eef67f745b912122ee74951f53f9bc3bf58c8f029
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fjockey%2F1300x1700%2Fjocj31560_cblue_v400.jpg&v=3&w=400&s=YyGzFALAHO3jeknjVYj2KaeQ&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31123377
expires: Mon, 27 Nov 2023 05:58:59 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6538
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=BGtaV1PwIPgxZ9g1CiVJ-eHJ0KUuMzU9WBIzY9YC67_Q9BO3_IB-zk5vaVOQQ88LVrIWtcHOT49Vxnw57b2Xp65cHc7yyuzpGzaORbpaXZYa1IpfTUHaRoHNywDuKr4eLctN00bNK-8bpXprjzcgfGnsze_DWDI_MEy8QuEVTukijn5V3TR2p2fqwwnC15-FjbKRUnVGQKAWEdqHTVSQFMw6-MW541kqW5_n7IeJCG5EDOHg6FMfk5-4oRYMRXegjUwEEJLIYGnew0Skzxm2tqi7h1vRU0nEa_RsfEF3vt4lEZnDRmdDFy3mAoal47cB-oZiC01kZSuMSrp3Towjqu3Pu1KLNUrK3vvnSDLJM_m1vG87fp_jKVYs864Yot6CC9sG8nJVFZixS1lpyQOJDM6pgirFTBGbiHpAW5s7xMLSVYEmIYS1mEOGSdfJ9UEtDH6iHQ
178.250.0.160200 OK 729 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=BGtaV1PwIPgxZ9g1CiVJ-eHJ0KUuMzU9WBIzY9YC67_Q9BO3_IB-zk5vaVOQQ88LVrIWtcHOT49Vxnw57b2Xp65cHc7yyuzpGzaORbpaXZYa1IpfTUHaRoHNywDuKr4eLctN00bNK-8bpXprjzcgfGnsze_DWDI_MEy8QuEVTukijn5V3TR2p2fqwwnC15-FjbKRUnVGQKAWEdqHTVSQFMw6-MW541kqW5_n7IeJCG5EDOHg6FMfk5-4oRYMRXegjUwEEJLIYGnew0Skzxm2tqi7h1vRU0nEa_RsfEF3vt4lEZnDRmdDFy3mAoal47cB-oZiC01kZSuMSrp3Towjqu3Pu1KLNUrK3vvnSDLJM_m1vG87fp_jKVYs864Yot6CC9sG8nJVFZixS1lpyQOJDM6pgirFTBGbiHpAW5s7xMLSVYEmIYS1mEOGSdfJ9UEtDH6iHQ
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b625f2690f1bab7a1db1dabcd58576f2
beea39f53b18b60c9f9d80140630bc7be3ca233b
76683c50d41d53d4192aad23b258c70ec26d7266415e9e85c789b5404dc92bcf
GET /delivery/lg.php?cppv=3&cpp=BGtaV1PwIPgxZ9g1CiVJ-eHJ0KUuMzU9WBIzY9YC67_Q9BO3_IB-zk5vaVOQQ88LVrIWtcHOT49Vxnw57b2Xp65cHc7yyuzpGzaORbpaXZYa1IpfTUHaRoHNywDuKr4eLctN00bNK-8bpXprjzcgfGnsze_DWDI_MEy8QuEVTukijn5V3TR2p2fqwwnC15-FjbKRUnVGQKAWEdqHTVSQFMw6-MW541kqW5_n7IeJCG5EDOHg6FMfk5-4oRYMRXegjUwEEJLIYGnew0Skzxm2tqi7h1vRU0nEa_RsfEF3vt4lEZnDRmdDFy3mAoal47cB-oZiC01kZSuMSrp3Towjqu3Pu1KLNUrK3vvnSDLJM_m1vG87fp_jKVYs864Yot6CC9sG8nJVFZixS1lpyQOJDM6pgirFTBGbiHpAW5s7xMLSVYEmIYS1mEOGSdfJ9UEtDH6iHQ HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3159914
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/externals/cookie/put.html
2.18.173.74200 OK 416 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/cookie/put.html
IP 2.18.173.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c0311cf15c21ddda054005e92fad3f9e
5276eceeb0576cbee82010f611dfd6fd305991f9
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
GET /nanoWidget/externals/cookie/put.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1669880583.647917"
last-modified: Thu, 01 Dec 2022 07:10:48 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=604800
expires: Fri, 09 Dec 2022 00:36:01 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/widgetOBUserSync/obUserSync.html
2.18.173.74200 OK 5.9 kB URL HTTP/2 widgets.outbrain.com/widgetOBUserSync/obUserSync.html
IP 2.18.173.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18427)
Hash 645ce46ada71d82cb227c560c9b06c98
ca5bf01dd46ff5c6d8c01127ee5b11830ec77ac4
344317ee252cf1b5c987c02c9938b80ae6fb54807f27d4cc2685a06722c29fe8
GET /widgetOBUserSync/obUserSync.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d588be7f01fe5a6448a8ef1aeb70463:1669278724.034982"
last-modified: Thu, 24 Nov 2022 08:27:03 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Fri, 09 Dec 2022 00:36:01 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
content-length: 5938
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/Close.svg
2.18.173.74200 OK 765 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/Close.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (635)
Hash f740f788e2e26736856f7a3a12457a63
d0ec57a47f6a40f23011dd93219873a5eaee96e2
c2c92cde33538b1187bedea3d0b6d5141e4222eba8092476339aa080cee759ac
GET /images/widgetIcons/Close.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "f740f788e2e26736856f7a3a12457a63:1662969029.343348"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 765
cache-control: max-age=2592000
expires: Sun, 01 Jan 2023 00:36:01 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
2.18.173.74200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Sun, 01 Jan 2023 00:36:01 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/2000968/module/userZapping.js?e=1
2.18.173.74200 OK 7.0 kB URL HTTP/2 widgets.outbrain.com/nanoWidget/2000968/module/userZapping.js?e=1
IP 2.18.173.74:0
File type ASCII text, with very long lines (13900)
Hash 904421fd694c8c7f654204a8e7b50ea7
608ced9190124989ac6070e1b2f9d677d17f07a2
77c5abd7beccc3234e92fb38fbefe5bad6898fbebcdea2806f1bd3b5ef2f6a5b
GET /nanoWidget/2000968/module/userZapping.js?e=1 HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "0bf0b3ddd298956eee05fdf6ae1b3f63:1669880493.19468"
last-modified: Thu, 01 Dec 2022 07:12:02 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Fri, 09 Dec 2022 00:36:01 GMT
date: Fri, 02 Dec 2022 00:36:01 GMT
content-length: 6993
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
eb2.3lift.com/ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&pr=0.008&bc=AAABhNBC9goQMu_VW22qCQeuImNtmbl4jKXIxA%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=40170
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&pr=0.008&bc=AAABhNBC9goQMu_VW22qCQeuImNtmbl4jKXIxA%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=40170
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29696546391787901467520&rev=6be1393&pr=0.008&bc=AAABhNBC9goQMu_VW22qCQeuImNtmbl4jKXIxA%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=40170 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:02 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
images.outbrainimg.com/transform/v3/eyJpdSI6ImM5ZjM3MzkxNTAzMmEyYzk5MDE5NGQ3NTBlZGJjZjY2ZGI2NDQwOTFmMTY1NzlkZTljYTdmZWVjMTQ1MmFmNGIiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
2.18.173.172200 OK 9.3 kB URL HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6ImM5ZjM3MzkxNTAzMmEyYzk5MDE5NGQ3NTBlZGJjZjY2ZGI2NDQwOTFmMTY1NzlkZTljYTdmZWVjMTQ1MmFmNGIiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
IP 2.18.173.172:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x150, components 3\012- data
Hash 8803f9d879adf2c163600e3739f48601
704f9221af7e55340a5b482ef657e81ff1ccec8b
1948013b8ad0cfe7851e2820c36f0f50df053ad697ee1947158692d416245295
GET /transform/v3/eyJpdSI6ImM5ZjM3MzkxNTAzMmEyYzk5MDE5NGQ3NTBlZGJjZjY2ZGI2NDQwOTFmMTY1NzlkZTljYTdmZWVjMTQ1MmFmNGIiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 9334
last-modified: Wed, 28 Sep 2022 07:24:52 GMT
x-traceid: 5554cb5d0b0ea8e0e7cb228707d09b68
cache-control: max-age=1282345
date: Fri, 02 Dec 2022 00:36:02 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
images.outbrainimg.com/transform/v3/eyJpdSI6ImE5MWJjMTVkZmE0N2I3NDI4NmQ3YzA5MmVhNGNkZmZmZDY4MjdlZjc0NWViNzY3NzYzMjNiOGEyOTZmNjM4NzQiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
2.18.173.172200 OK 12 kB URL HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6ImE5MWJjMTVkZmE0N2I3NDI4NmQ3YzA5MmVhNGNkZmZmZDY4MjdlZjc0NWViNzY3NzYzMjNiOGEyOTZmNjM4NzQiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
IP 2.18.173.172:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x150, components 3\012- data
Hash 3f24b7d260b197b4494142f58bc0f5fb
5d179eda2ee53333d67ee8105aac71253564c52e
9ec448011b2031be865cd4655a43d949071b21db8d0ea6e8951e4a3131062558
GET /transform/v3/eyJpdSI6ImE5MWJjMTVkZmE0N2I3NDI4NmQ3YzA5MmVhNGNkZmZmZDY4MjdlZjc0NWViNzY3NzYzMjNiOGEyOTZmNjM4NzQiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 11577
last-modified: Sat, 01 Oct 2022 13:34:09 GMT
x-traceid: 48eaccb78428aa04a32c9c292a8ef718
cache-control: max-age=831603
date: Fri, 02 Dec 2022 00:36:02 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/icon-vi.svg
2.18.173.74200 OK 182 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/icon-vi.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c065312fdb5e02c1399f2622776530df
785d98e9025f7b5cd7e2bd4f80098e44cda01ebf
b9e07d8e5143b4764aeebb012b1b020f60eb1cdca44ed1bc22ba9bc85f3af5eb
GET /images/widgetIcons/icon-vi.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "91990280dce13a095a0da3a6b2fc6816:1662969041.773759"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 182
cache-control: max-age=2592000
expires: Sun, 01 Jan 2023 00:36:02 GMT
date: Fri, 02 Dec 2022 00:36:02 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/BlockBlue.svg
2.18.173.74200 OK 566 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/BlockBlue.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (462)
Hash 67fffe0e5c5262bfb3fb57a8d8d69fbf
2731fbd0437ec9e215e9e3847908ce93f866ed6c
e72f0926b3418896301bda925b636ad884f5bf18f54308383ae77522ca5cd9a2
GET /images/widgetIcons/BlockBlue.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "67fffe0e5c5262bfb3fb57a8d8d69fbf:1662969027.986981"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 566
cache-control: max-age=2592000
expires: Sun, 01 Jan 2023 00:36:02 GMT
date: Fri, 02 Dec 2022 00:36:02 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/ChevronRight.svg
2.18.173.74200 OK 524 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/ChevronRight.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (422)
Hash c1dc41410784b37a37e29a21baf9aa1f
9b1a4b46b77322f217c3395e32bbb177199c327c
f8d6148b07b2251c53a2605a003b1d29babb8154c5abd0bde0f7e8a800f2dfd9
GET /images/widgetIcons/ChevronRight.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "c1dc41410784b37a37e29a21baf9aa1f:1662969028.698646"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 524
cache-control: max-age=2592000
expires: Sun, 01 Jan 2023 00:36:02 GMT
date: Fri, 02 Dec 2022 00:36:02 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/icon-x-white.svg
2.18.173.74200 OK 559 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/icon-x-white.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (363)
Hash 854eb39a3d94a8ec9977261db0c8acc8
ef852997961f946b34e996504912b0606e4c6593
06ffd9e17bd41822b9a7b982a8ff486fafa54f7781baacb6ef3507ae7f9b36b5
GET /images/widgetIcons/icon-x-white.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "854eb39a3d94a8ec9977261db0c8acc8:1662969042.351779"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 559
cache-control: max-age=2592000
expires: Sun, 01 Jan 2023 00:36:02 GMT
date: Fri, 02 Dec 2022 00:36:02 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
eb2.3lift.com/ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&pr=0.008&bc=AAABhNBC9cifmvXNg_urnrt4mAwsWhTZmTpE3w%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=67583
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&pr=0.008&bc=AAABhNBC9cifmvXNg_urnrt4mAwsWhTZmTpE3w%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=67583
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=29486629499941717353780&rev=6be1393&pr=0.008&bc=AAABhNBC9cifmvXNg_urnrt4mAwsWhTZmTpE3w%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669941360&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=67583 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:02 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=3ImH3Sn1gSvV3MgXTbFurXx-ylRZPxi52lZcu3yG916UWXZo3C1D8VQdM8Rle4lilKxDDp7NzAKOY8YvCpETYRKFK9aETPK5mYbH6w3cEVpg3qYyilZXhdQ9O3ra7KtwPnzd_bwVj7qbLdCb-j6CR-lTrcPw0u7dIHcfIUcIGyjTuEc-VKqs1TcrhRiNbiCUV8hSJbma24_3q_7t4EIzcnKDTd3nnlZoBKj8yKGYr98svNl2BklFilFMeT3azM3K20Zn2_WwVE8dLjSh&sds=2&rev=83599&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=3ImH3Sn1gSvV3MgXTbFurXx-ylRZPxi52lZcu3yG916UWXZo3C1D8VQdM8Rle4lilKxDDp7NzAKOY8YvCpETYRKFK9aETPK5mYbH6w3cEVpg3qYyilZXhdQ9O3ra7KtwPnzd_bwVj7qbLdCb-j6CR-lTrcPw0u7dIHcfIUcIGyjTuEc-VKqs1TcrhRiNbiCUV8hSJbma24_3q_7t4EIzcnKDTd3nnlZoBKj8yKGYr98svNl2BklFilFMeT3azM3K20Zn2_WwVE8dLjSh&sds=2&rev=83599&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=3ImH3Sn1gSvV3MgXTbFurXx-ylRZPxi52lZcu3yG916UWXZo3C1D8VQdM8Rle4lilKxDDp7NzAKOY8YvCpETYRKFK9aETPK5mYbH6w3cEVpg3qYyilZXhdQ9O3ra7KtwPnzd_bwVj7qbLdCb-j6CR-lTrcPw0u7dIHcfIUcIGyjTuEc-VKqs1TcrhRiNbiCUV8hSJbma24_3q_7t4EIzcnKDTd3nnlZoBKj8yKGYr98svNl2BklFilFMeT3azM3K20Zn2_WwVE8dLjSh&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/externals/cookie/test.html
2.18.173.74200 OK 610 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/cookie/test.html
IP 2.18.173.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 48053d50141031b1511dbd30f9a31288
06966364d22a02a4ed89c18c38d6ddfc6de254c6
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
GET /nanoWidget/externals/cookie/test.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1669880584.437099"
last-modified: Thu, 01 Dec 2022 07:10:48 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=604800
expires: Fri, 09 Dec 2022 00:36:02 GMT
date: Fri, 02 Dec 2022 00:36:02 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bb0b231d82f3e27bc7b72abd02ce18e9
6b16f172595bf6e7a182fe4748457af0dacb4714
5278ff012f97eaa35ad47c13c1356cc0d36cb8737eabe757894c5aa58f24aa30
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 889
Cache-Control: max-age=161516
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:02 GMT
Etag: "638918e5-1d7"
Expires: Sat, 03 Dec 2022 21:27:58 GMT
Last-Modified: Thu, 01 Dec 2022 21:13:09 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3182bd9d9e0282502a56198971ea7f66
0c50e7bde417f5f17f7a490de4c8b4399956e04f
4cc903c67acecbc4581fb7b33ae7cb4307311d241c4290c16d93f23d83e15683
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 463
Cache-Control: max-age=94815
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:02 GMT
Etag: "63881602-1d7"
Expires: Sat, 03 Dec 2022 02:56:17 GMT
Last-Modified: Thu, 01 Dec 2022 02:48:34 GMT
Server: ECS (amb/6BBD)
X-Cache: HIT
Content-Length: 471
mcdp-nydc1.outbrain.com/l?token=4b04235ff9911763c01f3a0c776fb06c_178258_1669941361759&tm=876&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2000968&pVis=1&lsd=fa0efe1e-b1e8-4726-9673-f33974ad88ab&eIdx=&cnsntV2=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=406&oo=false&lo=1003&odbreq=1551&odbres=1956&to=1669941358361&ab=0&wl=0
70.42.32.159200 OK 4 B URL HTTP/1.1 mcdp-nydc1.outbrain.com/l?token=4b04235ff9911763c01f3a0c776fb06c_178258_1669941361759&tm=876&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2000968&pVis=1&lsd=fa0efe1e-b1e8-4726-9673-f33974ad88ab&eIdx=&cnsntV2=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=406&oo=false&lo=1003&odbreq=1551&odbres=1956&to=1669941358361&ab=0&wl=0
IP 70.42.32.159:0
File type ASCII text, with no line terminators
Hash 72054d9a6fbdcc7df012e19f32345b65
52dd4c74c813db3790179c4f236ceadaca3467a8
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
GET /l?token=4b04235ff9911763c01f3a0c776fb06c_178258_1669941361759&tm=876&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2000968&pVis=1&lsd=fa0efe1e-b1e8-4726-9673-f33974ad88ab&eIdx=&cnsntV2=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=406&oo=false&lo=1003&odbreq=1551&odbres=1956&to=1669941358361&ab=0&wl=0 HTTP/1.1
Host: mcdp-nydc1.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 00:36:02 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 4
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: c2e77b16667599d885e6e20c69367545
csm.eu.criteo.net/all?cppv=3&cpp=hhmGkyn1gSvV3MgXwNVmNf8EtkIVhAXh7FvaxHbnFaJTGC1m7Ekj4tQz8sKMcrlJgKaIFBZq_FdXcf5mOgBa6rWMpR45U2G-kpZVhAsln-YEf8qb6Zz9igzZ0qmbM8hHjKeVv0dITp5Y-JJ_2FU-Gctjn8KKTNKBcKWWmdUhxLLH9lN9UOwDn7Tl1kbTHENP_sfzRZGxps2nZeD9RJLOtJIiLEZeOyPeol1dwhtvolLAnchgYmorm9yV7G6m59LG_Oh5mA&sds=2&rev=83599&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=hhmGkyn1gSvV3MgXwNVmNf8EtkIVhAXh7FvaxHbnFaJTGC1m7Ekj4tQz8sKMcrlJgKaIFBZq_FdXcf5mOgBa6rWMpR45U2G-kpZVhAsln-YEf8qb6Zz9igzZ0qmbM8hHjKeVv0dITp5Y-JJ_2FU-Gctjn8KKTNKBcKWWmdUhxLLH9lN9UOwDn7Tl1kbTHENP_sfzRZGxps2nZeD9RJLOtJIiLEZeOyPeol1dwhtvolLAnchgYmorm9yV7G6m59LG_Oh5mA&sds=2&rev=83599&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=hhmGkyn1gSvV3MgXwNVmNf8EtkIVhAXh7FvaxHbnFaJTGC1m7Ekj4tQz8sKMcrlJgKaIFBZq_FdXcf5mOgBa6rWMpR45U2G-kpZVhAsln-YEf8qb6Zz9igzZ0qmbM8hHjKeVv0dITp5Y-JJ_2FU-Gctjn8KKTNKBcKWWmdUhxLLH9lN9UOwDn7Tl1kbTHENP_sfzRZGxps2nZeD9RJLOtJIiLEZeOyPeol1dwhtvolLAnchgYmorm9yV7G6m59LG_Oh5mA&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 104528
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 104507
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=4b04235ff9911763c01f3a0c776fb06c&pvId=4b04235ff9911763c01f3a0c776fb06c&sid=9270331&pid=178258&idx=0&wId=101&pad=2&org=0&tm=973&eT=3&cnsnt=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2000968&pVis=1&lsd=fa0efe1e-b1e8-4726-9673-f33974ad88ab&eIdx=0&oo=false&ab=0&wl=0
70.42.32.159200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=4b04235ff9911763c01f3a0c776fb06c&pvId=4b04235ff9911763c01f3a0c776fb06c&sid=9270331&pid=178258&idx=0&wId=101&pad=2&org=0&tm=973&eT=3&cnsnt=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2000968&pVis=1&lsd=fa0efe1e-b1e8-4726-9673-f33974ad88ab&eIdx=0&oo=false&ab=0&wl=0
IP 70.42.32.159:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/widgetGlobalEvent?rId=4b04235ff9911763c01f3a0c776fb06c&pvId=4b04235ff9911763c01f3a0c776fb06c&sid=9270331&pid=178258&idx=0&wId=101&pad=2&org=0&tm=973&eT=3&cnsnt=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2000968&pVis=1&lsd=fa0efe1e-b1e8-4726-9673-f33974ad88ab&eIdx=0&oo=false&ab=0&wl=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 00:36:02 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: d7bb4696a4089851fbf14691e31b787e
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
csm.eu.criteo.net/all?cppv=3&cpp=3ImH3Sn1gSvV3MgXTbFurXx-ylRZPxi52lZcu3yG916UWXZo3C1D8VQdM8Rle4lilKxDDp7NzAKOY8YvCpETYRKFK9aETPK5mYbH6w3cEVpg3qYyilZXhdQ9O3ra7KtwPnzd_bwVj7qbLdCb-j6CR-lTrcPw0u7dIHcfIUcIGyjTuEc-VKqs1TcrhRiNbiCUV8hSJbma24_3q_7t4EIzcnKDTd3nnlZoBKj8yKGYr98svNl2BklFilFMeT3azM3K20Zn2_WwVE8dLjSh&sds=2&rev=83599&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=3ImH3Sn1gSvV3MgXTbFurXx-ylRZPxi52lZcu3yG916UWXZo3C1D8VQdM8Rle4lilKxDDp7NzAKOY8YvCpETYRKFK9aETPK5mYbH6w3cEVpg3qYyilZXhdQ9O3ra7KtwPnzd_bwVj7qbLdCb-j6CR-lTrcPw0u7dIHcfIUcIGyjTuEc-VKqs1TcrhRiNbiCUV8hSJbma24_3q_7t4EIzcnKDTd3nnlZoBKj8yKGYr98svNl2BklFilFMeT3azM3K20Zn2_WwVE8dLjSh&sds=2&rev=83599&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=3ImH3Sn1gSvV3MgXTbFurXx-ylRZPxi52lZcu3yG916UWXZo3C1D8VQdM8Rle4lilKxDDp7NzAKOY8YvCpETYRKFK9aETPK5mYbH6w3cEVpg3qYyilZXhdQ9O3ra7KtwPnzd_bwVj7qbLdCb-j6CR-lTrcPw0u7dIHcfIUcIGyjTuEc-VKqs1TcrhRiNbiCUV8hSJbma24_3q_7t4EIzcnKDTd3nnlZoBKj8yKGYr98svNl2BklFilFMeT3azM3K20Zn2_WwVE8dLjSh&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:02 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=hhmGkyn1gSvV3MgXwNVmNf8EtkIVhAXh7FvaxHbnFaJTGC1m7Ekj4tQz8sKMcrlJgKaIFBZq_FdXcf5mOgBa6rWMpR45U2G-kpZVhAsln-YEf8qb6Zz9igzZ0qmbM8hHjKeVv0dITp5Y-JJ_2FU-Gctjn8KKTNKBcKWWmdUhxLLH9lN9UOwDn7Tl1kbTHENP_sfzRZGxps2nZeD9RJLOtJIiLEZeOyPeol1dwhtvolLAnchgYmorm9yV7G6m59LG_Oh5mA&sds=2&rev=83599&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=hhmGkyn1gSvV3MgXwNVmNf8EtkIVhAXh7FvaxHbnFaJTGC1m7Ekj4tQz8sKMcrlJgKaIFBZq_FdXcf5mOgBa6rWMpR45U2G-kpZVhAsln-YEf8qb6Zz9igzZ0qmbM8hHjKeVv0dITp5Y-JJ_2FU-Gctjn8KKTNKBcKWWmdUhxLLH9lN9UOwDn7Tl1kbTHENP_sfzRZGxps2nZeD9RJLOtJIiLEZeOyPeol1dwhtvolLAnchgYmorm9yV7G6m59LG_Oh5mA&sds=2&rev=83599&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=hhmGkyn1gSvV3MgXwNVmNf8EtkIVhAXh7FvaxHbnFaJTGC1m7Ekj4tQz8sKMcrlJgKaIFBZq_FdXcf5mOgBa6rWMpR45U2G-kpZVhAsln-YEf8qb6Zz9igzZ0qmbM8hHjKeVv0dITp5Y-JJ_2FU-Gctjn8KKTNKBcKWWmdUhxLLH9lN9UOwDn7Tl1kbTHENP_sfzRZGxps2nZeD9RJLOtJIiLEZeOyPeol1dwhtvolLAnchgYmorm9yV7G6m59LG_Oh5mA&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:03 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
eb2.3lift.com/sync?
76.223.111.18200 OK 37 B IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync? HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:03 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
2.18.172.187200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 2.18.172.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Unused62: 8096267
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sat, 03 Dec 2022 00:36:05 GMT
Date: Fri, 02 Dec 2022 00:36:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
b1h-euc1.zemanta.com/usersync/prebid
213.227.153.220200 OK 26 B URL HTTP/1.1 b1h-euc1.zemanta.com/usersync/prebid
IP 213.227.153.220:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /usersync/prebid HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 26
Connection: keep-alive
Date: Fri, 02 Dec 2022 00:36:03 GMT
acdn.adnxs.com/dmp/async_usersync.html
2.18.172.187200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 2.18.172.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Unused62: 8096267
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sat, 03 Dec 2022 00:36:05 GMT
Date: Fri, 02 Dec 2022 00:36:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=WCxlWlPwIPgxZ9g1CiVJ-eHJ0KWtXZnRXvH58Fu09EfgFYuDuwFRLgb2WdXdQmPAQpOiBsa_OGAqi7bZqrVXzDe4HHZkfl_8tt-4xOArTME9u16XQZSzmlXtl2EYSD1RJf4PWwc_ytjcapu4g-m3lJJYPkzKuhusGhxWcNrI-A44FEHVD0xchhwDpGpKc-7Dy_7WlkjH0j97OEPeELb4Z4pgWTMq-6FYYGw20oMtzdArakIsQ661dt8fe2ZsfGb3g4cEBrVoLgyPWIz6QoO1L-WDFeH-53VjxpqwNFHnG20zsZmKbBQwGB5sqJwtcRrvNnkzOjXG-w-onyZEKRKRVsD1AmsiCbaNI3-iDYilt63p16cmeLvXquP27KlGeMfl6ezhlS0CnF-UvsAb1Qudj08Obbj5cAGoENcaLDtGZiqICHERlo92mAQHmQ9Bx1Ru3aWM5-A1vMFMfyUQhbAsg2VLep0
178.250.0.160200 OK 80 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=WCxlWlPwIPgxZ9g1CiVJ-eHJ0KWtXZnRXvH58Fu09EfgFYuDuwFRLgb2WdXdQmPAQpOiBsa_OGAqi7bZqrVXzDe4HHZkfl_8tt-4xOArTME9u16XQZSzmlXtl2EYSD1RJf4PWwc_ytjcapu4g-m3lJJYPkzKuhusGhxWcNrI-A44FEHVD0xchhwDpGpKc-7Dy_7WlkjH0j97OEPeELb4Z4pgWTMq-6FYYGw20oMtzdArakIsQ661dt8fe2ZsfGb3g4cEBrVoLgyPWIz6QoO1L-WDFeH-53VjxpqwNFHnG20zsZmKbBQwGB5sqJwtcRrvNnkzOjXG-w-onyZEKRKRVsD1AmsiCbaNI3-iDYilt63p16cmeLvXquP27KlGeMfl6ezhlS0CnF-UvsAb1Qudj08Obbj5cAGoENcaLDtGZiqICHERlo92mAQHmQ9Bx1Ru3aWM5-A1vMFMfyUQhbAsg2VLep0
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3d0ba5a1f74eb97cef53ffd1d81ff8a6
eb7594b4b54370a2a5b1e57d8845af6ddac9230e
1e499d91377a6917a4bc1e64f5678d206e6f0cb290b7a05044bfaf0fdf2d4057
GET /delivery/lg.php?cppv=3&cpp=WCxlWlPwIPgxZ9g1CiVJ-eHJ0KWtXZnRXvH58Fu09EfgFYuDuwFRLgb2WdXdQmPAQpOiBsa_OGAqi7bZqrVXzDe4HHZkfl_8tt-4xOArTME9u16XQZSzmlXtl2EYSD1RJf4PWwc_ytjcapu4g-m3lJJYPkzKuhusGhxWcNrI-A44FEHVD0xchhwDpGpKc-7Dy_7WlkjH0j97OEPeELb4Z4pgWTMq-6FYYGw20oMtzdArakIsQ661dt8fe2ZsfGb3g4cEBrVoLgyPWIz6QoO1L-WDFeH-53VjxpqwNFHnG20zsZmKbBQwGB5sqJwtcRrvNnkzOjXG-w-onyZEKRKRVsD1AmsiCbaNI3-iDYilt63p16cmeLvXquP27KlGeMfl6ezhlS0CnF-UvsAb1Qudj08Obbj5cAGoENcaLDtGZiqICHERlo92mAQHmQ9Bx1Ru3aWM5-A1vMFMfyUQhbAsg2VLep0 HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3149446
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 0095f36a-a719-450c-a2f5-59415a822bd1
Set-Cookie: uuid2=3086661510743649165; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:36:03 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 9a812bd3-5064-4e85-b917-7b69f97ecbef
Set-Cookie: uuid2=8169717797446715833; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:36:03 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.90200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 9c720e8e-cd7d-4e58-8996-856c8705883a
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.90200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 67ff9b8a-99d9-474b-ac51-3e9eb6b761bd
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3c8d02a876d17fcaaddaa95ed1b43447
a96034f1032871167378edba4216467b58eda762
cc34f27d0c12c98790c6dd02c5d60b51b848e43d020b5a42fcc425e95ae98341
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC34F27D0C12C98790C6DD02C5D60B51B848E43D020B5A42FCC425E95AE98341"
Last-Modified: Thu, 01 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2366
Expires: Fri, 02 Dec 2022 01:15:29 GMT
Date: Fri, 02 Dec 2022 00:36:03 GMT
Connection: keep-alive
954556f78c.fa4ecdb1a3.com/health/
159.69.163.6200 OK 0 B URL HTTP/2 954556f78c.fa4ecdb1a3.com/health/
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /health/ HTTP/1.1
Host: 954556f78c.fa4ecdb1a3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 02 Dec 2022 00:36:03 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
954556f78c.fa4ecdb1a3.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkRyYW1hY29vbCUyQ0FzaWFuJTJDRHJhbWElMkNNb3ZpZXMlMkNhbmQlMkNLU2hvdyUyQ0VuZ2xpc2glMkNTdWIlMkNpbiUyQ0hEJTJDKDIwMjIpJTJDV2F0Y2glMkNhbmQlMkNkb3dubG9hZCUyQ0tvcmVhbiUyQ2RyYW1hJTJDbW92aWVzJTJDS3Nob3clMkNhbmQlMkNvdGhlciUyQ0FzaWFuJTJDZHJhbWFzJTJDd2l0aCUyQ2VuZ2xpc2glMkNzdWJ0aXRsZXMlMkNvbmxpbmUlMkNmcmVlJTJDRHJhbWFjb29sJTJDZm9yJTJDZXZlcnlvbmUhJTIwIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTUyNDQ4NDQ5IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzMxOTIsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6Im5sYWJlbC1iIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozOTcyLCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMzMxOTIiLCJjYXQiOlsiSUFCMSJdLCJwYWdlIjoiaHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY2OTk0MTM2MjIxOH19
159.69.163.6302 Found 0 B URL HTTP/2 954556f78c.fa4ecdb1a3.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkRyYW1hY29vbCUyQ0FzaWFuJTJDRHJhbWElMkNNb3ZpZXMlMkNhbmQlMkNLU2hvdyUyQ0VuZ2xpc2glMkNTdWIlMkNpbiUyQ0hEJTJDKDIwMjIpJTJDV2F0Y2glMkNhbmQlMkNkb3dubG9hZCUyQ0tvcmVhbiUyQ2RyYW1hJTJDbW92aWVzJTJDS3Nob3clMkNhbmQlMkNvdGhlciUyQ0FzaWFuJTJDZHJhbWFzJTJDd2l0aCUyQ2VuZ2xpc2glMkNzdWJ0aXRsZXMlMkNvbmxpbmUlMkNmcmVlJTJDRHJhbWFjb29sJTJDZm9yJTJDZXZlcnlvbmUhJTIwIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTUyNDQ4NDQ5IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzMxOTIsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6Im5sYWJlbC1iIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozOTcyLCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMzMxOTIiLCJjYXQiOlsiSUFCMSJdLCJwYWdlIjoiaHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY2OTk0MTM2MjIxOH19
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkRyYW1hY29vbCUyQ0FzaWFuJTJDRHJhbWElMkNNb3ZpZXMlMkNhbmQlMkNLU2hvdyUyQ0VuZ2xpc2glMkNTdWIlMkNpbiUyQ0hEJTJDKDIwMjIpJTJDV2F0Y2glMkNhbmQlMkNkb3dubG9hZCUyQ0tvcmVhbiUyQ2RyYW1hJTJDbW92aWVzJTJDS3Nob3clMkNhbmQlMkNvdGhlciUyQ0FzaWFuJTJDZHJhbWFzJTJDd2l0aCUyQ2VuZ2xpc2glMkNzdWJ0aXRsZXMlMkNvbmxpbmUlMkNmcmVlJTJDRHJhbWFjb29sJTJDZm9yJTJDZXZlcnlvbmUhJTIwIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTUyNDQ4NDQ5IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzMxOTIsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6Im5sYWJlbC1iIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozOTcyLCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMzMxOTIiLCJjYXQiOlsiSUFCMSJdLCJwYWdlIjoiaHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY2OTk0MTM2MjIxOH19 HTTP/1.1
Host: 954556f78c.fa4ecdb1a3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Fri, 02 Dec 2022 00:36:03 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=2872068675269924637&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-5&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=95&ml=&tag_ab=a&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDramacool%252CAsian%252CDrama%252CMovies%252Cand%252CKShow%252CEnglish%252CSub%252Cin%252CHD%252C%282022%29%252CWatch%252Cand%252Cdownload%252CKorean%252Cdrama%252Cmovies%252CKshow%252Cand%252Cother%252CAsian%252Cdramas%252Cwith%252Cenglish%252Csubtitles%252Conline%252Cfree%252CDramacool%252Cfor%252Ceveryone%21%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D95%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&stratagem=nlabel-b&ssp=3972
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 60e4c73e-b4ba-4ef9-b899-3b3028303114
Set-Cookie: uuid2=4695718854389294126; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:36:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.90200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: f474ed18-359e-4a12-8dce-3492364822f1
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4c5df59ffccb79abf75caff17951dbaa
5aaa137946557b51e9069330a216f5b83319dfe0
b805f480a6c1d3c916349cda312971db2ea60f43b238551df91e6bf8ab9cae65
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B805F480A6C1D3C916349CDA312971DB2EA60F43B238551DF91E6BF8AB9CAE65"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14341
Expires: Fri, 02 Dec 2022 04:35:05 GMT
Date: Fri, 02 Dec 2022 00:36:04 GMT
Connection: keep-alive
rtbrennab.com/banner/in/show/?mid=2872068675269924637&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-5&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=95&ml=&tag_ab=a&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDramacool%252CAsian%252CDrama%252CMovies%252Cand%252CKShow%252CEnglish%252CSub%252Cin%252CHD%252C%282022%29%252CWatch%252Cand%252Cdownload%252CKorean%252Cdrama%252Cmovies%252CKshow%252Cand%252Cother%252CAsian%252Cdramas%252Cwith%252Cenglish%252Csubtitles%252Conline%252Cfree%252CDramacool%252Cfor%252Ceveryone%21%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D95%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&stratagem=nlabel-b&ssp=3972
159.69.163.6302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=2872068675269924637&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-5&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=95&ml=&tag_ab=a&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDramacool%252CAsian%252CDrama%252CMovies%252Cand%252CKShow%252CEnglish%252CSub%252Cin%252CHD%252C%282022%29%252CWatch%252Cand%252Cdownload%252CKorean%252Cdrama%252Cmovies%252CKshow%252Cand%252Cother%252CAsian%252Cdramas%252Cwith%252Cenglish%252Csubtitles%252Conline%252Cfree%252CDramacool%252Cfor%252Ceveryone%21%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D95%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&stratagem=nlabel-b&ssp=3972
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=2872068675269924637&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-5&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=95&ml=&tag_ab=a&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDramacool%252CAsian%252CDrama%252CMovies%252Cand%252CKShow%252CEnglish%252CSub%252Cin%252CHD%252C%282022%29%252CWatch%252Cand%252Cdownload%252CKorean%252Cdrama%252Cmovies%252CKshow%252Cand%252Cother%252CAsian%252Cdramas%252Cwith%252Cenglish%252Csubtitles%252Conline%252Cfree%252CDramacool%252Cfor%252Ceveryone%21%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D95%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&stratagem=nlabel-b&ssp=3972 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.18.0
date: Fri, 02 Dec 2022 00:36:04 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=95&bf=0.0001
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1669941357232
52.204.242.76200 OK 503 B URL HTTP/2 api.purpleads.io/x/init?ts=1669941357232
IP 52.204.242.76:0
Hash 8ec406cc54e8dc98c624554b51f2ce0c
1dc6395cfffc4fd15e4dd58e5217f9e9a0a0e9a4
f0d7fe685b6e320f00ef6b10fa4f20517c76db9f05ed097ad4e620f047685ccf
OPTIONS /x/init?ts=1669941357232 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 189eafb2-64f1-4de3-ac8c-16d62ac1ee77
X-Firefox-Spdy: h2
btds.zog.link/in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=95&bf=0.0001
109.206.191.198302 Found 0 B URL HTTP/2 btds.zog.link/in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=95&bf=0.0001
IP 109.206.191.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=95&bf=0.0001 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Fri, 02 Dec 2022 00:36:04 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://cdn.1vag.com/1x1.png
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 912.0=1; expires=Sat, 03 Dec 2022 00:36:04 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash de47d8b5ea0571eabd14ccff7b0b1bba
899a392d7c35d2a3b583500e203d5fd5af9e9958
6fd168498f9bcbccc0c9bb2c506e02a219da1a516370042942b8e876590be518
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FD168498F9BCBCCC0C9BB2C506E02A219DA1A516370042942B8E876590BE518"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19664
Expires: Fri, 02 Dec 2022 06:03:48 GMT
Date: Fri, 02 Dec 2022 00:36:04 GMT
Connection: keep-alive
cdn.1vag.com/1x1.png
45.133.44.25200 OK 68 B IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /1x1.png HTTP/1.1
Host: cdn.1vag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:04 GMT
content-type: image/png
content-length: 68
server: nginx/1.20.1
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
etag: "5e970c67-44"
cache-control: max-age=3600
x-request-id: 28eea0836f6cd5562d41ccabe8fa4a5b
expires: Fri, 02 Dec 2022 01:36:04 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: dc25cc6a-befc-4f5a-ab22-3d6d44d4702b
Set-Cookie: uuid2=1795984629217596431; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:36:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 3f3df7b5-d9a4-4aab-bdf5-63a55870f58c
Set-Cookie: uuid2=3482241908529409930; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:36:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.90200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 8b8f1cd9-401e-45ba-b79c-f59672c87deb
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.90200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: c3254959-dd69-4a57-9b3d-b4e6a635463e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
log.outbrainimg.com/api/loggerBatch/log-viewability
70.42.32.159200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/api/loggerBatch/log-viewability
IP 70.42.32.159:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
POST /api/loggerBatch/log-viewability HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 351
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 00:36:04 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 71505ad35a039f865dda0b3cd5aeb54b
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 6055c69f-70f6-4694-9490-be67be7003fc
Set-Cookie: uuid2=3616019816339808510; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:36:05 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.90200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 22539f37-dc7f-42b5-bfab-9e1a2073b9dc
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a8d5a894b22f249da71344c3d3914abd
55d38e8654073cb1808fcce3eeb4a657ee5fdd4c
e630915ee1d6d1c4e2ac821cc375f4cde73141d551b883d49884c30fda8fce2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E630915EE1D6D1C4E2AC821CC375F4CDE73141D551B883D49884C30FDA8FCE2D"
Last-Modified: Tue, 29 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=158
Expires: Fri, 02 Dec 2022 00:38:43 GMT
Date: Fri, 02 Dec 2022 00:36:05 GMT
Connection: keep-alive
a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
51.83.220.94302 Found 166 B URL HTTP/2 a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
IP 51.83.220.94:0
Hash d797f0d0ca0436c5ee3c836d585f73c6
9c3a7e86eb56045b140768b83a3ff82290e9e2d7
af87742a6077a801b1d1613dbe32158af6a76b348fe9e326f0951d5f8af79c67
GET /ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP/1.1
Host: a4p.adpartner.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 00:36:06 GMT
content-type: text/html; charset=utf-8
content-length: 166
location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=e0c9768e-fe03-45c5-bab4-026de3c68ef0
set-cookie: apuid=e0c9768e-fe03-45c5-bab4-026de3c68ef0; Path=/; Expires=Tue, 31 Jan 2023 00:36:06 GMT; Secure; SameSite=None
cache-control: no-store no-transform
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 96a324f9bbaffcb08eb052a90c10fd44
4140b22e29900bed26433a2ed42321614a01f057
6a175fa4123b17dc17a41f94d69e2c19803eecb88045cae84279691f1df46086
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 795
Cache-Control: max-age=148833
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 00:36:06 GMT
Etag: "6388e7bc-13a"
Expires: Sat, 03 Dec 2022 17:56:39 GMT
Last-Modified: Thu, 01 Dec 2022 17:43:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.dramacool9.co%2F&domain=www.dramacool9.co&gdprString=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=1&lsw=1
178.250.0.157200 OK 401 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.dramacool9.co%2F&domain=www.dramacool9.co&gdprString=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (481), with no line terminators
Hash 0f47d01a1741b7822397eec80dd8815f
cbe722621d3343dd3a0adda70158291e6cdac3e7
d4847640fecfefd5d4a66505648cdd04a34484a8084d74b43bc6add6c5792289
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.dramacool9.co%2F&domain=www.dramacool9.co&gdprString=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://www.dramacool9.co
server-processing-duration-in-ticks: 1348773
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cs.media.net/cksync.php?cs=8
2.18.172.23200 OK 44 B URL HTTP/1.1 cs.media.net/cksync.php?cs=8
IP 2.18.172.23:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 08c834b1c9b58215af6a17fe8a8c0e12
450fa14b65cd921889bb82ab08c42e07ed98f5f4
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
GET /cksync.php?cs=8 HTTP/1.1
Host: cs.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache
Content-Length: 44
Content-Type: image/gif
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Timing-Allow-Origin: *
X-MNET-HL2: E
Expires: Fri, 02 Dec 2022 00:36:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Dec 2022 00:36:06 GMT
Connection: keep-alive
ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
AN-X-Request-Uuid: 601b1b80-a813-415d-a6f3-f0157090488e
Set-Cookie: uuid2=1689606875244318705; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:36:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
AN-X-Request-Uuid: 943d4856-c137-424d-8ca1-a2e9ad92a9fe
Set-Cookie: uuid2=7188641320566176174; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 00:36:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
185.89.210.90302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
AN-X-Request-Uuid: 1f31dd1f-4b3d-4443-be4f-2f7c9198d19b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
185.89.210.90302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 00:36:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
AN-X-Request-Uuid: 6b9c34fd-bff9-44cc-acd7-4938742b0c0c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 000a2e15a014c8dd047e06b859a809d7
051a46ab17cd724545ce464d63c505ab899f86cb
be07ca1f5b301c76513a2a210dbff809ca7d498dc330e47e328c1e9d2b4d7c42
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 00:36:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:57:48 GMT
Expires: Fri, 02 Dec 2022 20:57:48 GMT
ETag: "051a46ab17cd724545ce464d63c505ab899f86cb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 63e24dcce1bf08db7a37a5e8f376d935
a6845326101ab436cfadf9f4e18dd629d864d60e
3a5450c264fa36350287f2803c29a94b9e5aec94cd4f206baeb67d7e208cda91
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 00:36:06 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 18:01:35 GMT
Expires: Wed, 07 Dec 2022 18:01:34 GMT
Etag: "a6845326101ab436cfadf9f4e18dd629d864d60e"
Cache-Control: max-age=494127,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772ffc845fd51bfe-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 63e24dcce1bf08db7a37a5e8f376d935
a6845326101ab436cfadf9f4e18dd629d864d60e
3a5450c264fa36350287f2803c29a94b9e5aec94cd4f206baeb67d7e208cda91
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 00:36:06 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 18:01:35 GMT
Expires: Wed, 07 Dec 2022 18:01:34 GMT
Etag: "a6845326101ab436cfadf9f4e18dd629d864d60e"
Cache-Control: max-age=494127,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772ffc838ef9b4f3-OSL
ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
216.52.2.19204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
IP 216.52.2.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 02 Dec 2022 00:36:06 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap4ams1
sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
62.149.1.122200 OK 43 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
IP 62.149.1.122:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /csync?t=a&ep=297253&extuid=0 HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 02 Dec 2022 00:36:06 GMT
Content-Type: image/gif
Content-Length: 43
Etag: fcdbd0410e39c37e
Set-Cookie: vmuid=fcdbd0410e39c37e; expires=Thu, 02 Feb 2023 00:36:06 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 63e24dcce1bf08db7a37a5e8f376d935
a6845326101ab436cfadf9f4e18dd629d864d60e
3a5450c264fa36350287f2803c29a94b9e5aec94cd4f206baeb67d7e208cda91
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 00:36:06 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 18:01:35 GMT
Expires: Wed, 07 Dec 2022 18:01:34 GMT
Etag: "a6845326101ab436cfadf9f4e18dd629d864d60e"
Cache-Control: max-age=494127,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772ffc845b57b4fd-OSL
sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
62.149.1.122200 OK 43 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
IP 62.149.1.122:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /csync?t=a&ep=584890&extuid=0 HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 02 Dec 2022 00:36:06 GMT
Content-Type: image/gif
Content-Length: 43
Etag: fcdbd0410e39c37e
Set-Cookie: vmuid=fcdbd0410e39c37e; expires=Thu, 02 Feb 2023 00:36:06 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
tzegilo.com/stattag.js
104.21.84.149200 OK 0 B IP 104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCsxufXqvpU9NKJCf6tcb9TQCE0EC9ikSeXTp76khTFD9X%2BmO7C%2BLy08pnStllrKFgTZ8a2jDUs9PAEx1Twek3TtHAAVfkZHLB2QVxeDZ0Ss340xhaT0SF5QhPOFAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ffc58c8ceb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vid.vidoomy.com/sync?gdpr=1&gdpr_consent=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
185.76.9.24200 OK 0 B URL HTTP/2 vid.vidoomy.com/sync?gdpr=1&gdpr_consent=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /sync?gdpr=1&gdpr_consent=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D HTTP/1.1
Host: vid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:06 GMT
content-type: text/html
last-modified: Mon, 27 Dec 2021 10:13:47 GMT
etag: W/"61c991db-c5bc"
access-control-allow-origin: *
x-accel-expires: @1670978166
server: CDN77-Turbo
x-77-nzt: AblMCRS5bESh
x-77-nzt-ray: af585630fd9a5dea764889632798c603
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.0.130:0
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Mon, 27 Nov 2023 00:36:01 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CUT3342T
34.107.148.139200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CUT3342T
IP 34.107.148.139:0
POST /rtb/prebid?cid=8CUT3342T HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4591
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Fri, 02 Dec 2022 00:36:00 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/1?z=5305455
139.45.197.239200 OK 0 B URL HTTP/2 cdn.uponelectabuzzor.club/1?z=5305455
IP 139.45.197.239:0
GET /1?z=5305455 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: ce50971430133c5ad30dffe5e77889c6
access-control-expose-headers: X-Sc
x-sc: YKoTTxCojsko3sn0pvaxTq-ZmLAdTiER_GTxEwwGiBdqIk3m2tCfS_r3SctY5JjKz9C8WPuH9ZNLp_srTAFazuRvvlk=
set-cookie: scm=1; expires=Sat, 02 Dec 2023 00:35:59 GMT; secure; SameSite=None
OAID=3d660cb92c5b4f8488681c0ce3fa831a; expires=Sat, 02 Dec 2023 00:35:59 GMT; secure; SameSite=None
oaidts=1669941359; expires=Sat, 02 Dec 2023 00:35:59 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=eaa2a942d81344e6b14436884d7be463&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=7aee423e-bceb-4c0e-9b66-94d009570cac&ts=1669941357483
52.204.242.76200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=eaa2a942d81344e6b14436884d7be463&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=7aee423e-bceb-4c0e-9b66-94d009570cac&ts=1669941357483
IP 52.204.242.76:0
GET /x/b/?idx=0&pid=eaa2a942d81344e6b14436884d7be463&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=7aee423e-bceb-4c0e-9b66-94d009570cac&ts=1669941357483 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.2.13
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8=
Authorization: Bearer b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: a9ee833d-0fef-43c9-a680-07233d0cdc7a
etag: W/"d36-Vbd3cPK7yBIQgOV7d4+AQWc2jvc"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.0.130:0
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Mon, 27 Nov 2023 00:36:01 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
widget.fr.eu.criteo.com/dis/dis.aspx?pu=184677&cb=638948706838e2ea064fc3bf61b2bb30
178.250.0.163200 OK 0 B URL HTTP/2 widget.fr.eu.criteo.com/dis/dis.aspx?pu=184677&cb=638948706838e2ea064fc3bf61b2bb30
IP 178.250.0.163:0
GET /dis/dis.aspx?pu=184677&cb=638948706838e2ea064fc3bf61b2bb30 HTTP/1.1
Host: widget.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: text/html
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
timing-allow-origin: *
server-processing-duration-in-ticks: 463379
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.3.114200 OK 0 B IP 104.18.3.114:0
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1962
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772ffc611b051c16-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.dramacool9.co/
172.67.190.162200 OK 0 B IP 172.67.190.162:0
GET / HTTP/1.1
Host: www.dramacool9.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-pingback: https://www.dramacool9.co/xmlrpc.php
link: <https://www.dramacool9.co/wp-json/>; rel="https://api.w.org/", <https://www.dramacool9.co/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://www.dramacool9.co/>; rel=shortlink
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6LIShKllZ5NwsZ8Lrc%2BfNHTOvFHv3HVvrz4CewVqP0EJfYtAEsEp8RjJC4ZRbfe8wi3u16QP0WMcAE%2FchyGVQu1l1nfyK%2BmNJboAC0WdliwzcxePhRCr2LEkUSiGs2Q5mGD9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ffc4fa858b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.3.114200 OK 0 B IP 104.18.3.114:0
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1762
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:35:59 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 772ffc5af87f1c16-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddien.club/?rb=M_-WJL8eQrI7R4QIE1o4VjBypH7VuCCOnWb5wGulc8qmUaYPL8r-zKab9gdy80E-pPhWLwLx_q8nWKDDnsbFQZ7crWGiR-K3EbNX85vW4VUh0TjwutdQDCn9VIaVUs7z2CS8avHsdwrgMI0Eqb0s48PlHnpUZAo_NUuVLovD-q92ZxxFHYCGmP-PaD1kfbEHs1urlx_hyQHPiMApFG1vDOK-lz52Md66FCUAsh10DgKtyuSielcvQA%3D%3D&request_ab2=96003&zoneid=5290228&js_build=iclick-v1.457.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.457.0&bs=040ec744-1d2f-4fbe-9606-bc1fb53650c7&userId=74727c1ee4f347b18d0f6fd1cd8bf93c&m=link
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddien.club/?rb=M_-WJL8eQrI7R4QIE1o4VjBypH7VuCCOnWb5wGulc8qmUaYPL8r-zKab9gdy80E-pPhWLwLx_q8nWKDDnsbFQZ7crWGiR-K3EbNX85vW4VUh0TjwutdQDCn9VIaVUs7z2CS8avHsdwrgMI0Eqb0s48PlHnpUZAo_NUuVLovD-q92ZxxFHYCGmP-PaD1kfbEHs1urlx_hyQHPiMApFG1vDOK-lz52Md66FCUAsh10DgKtyuSielcvQA%3D%3D&request_ab2=96003&zoneid=5290228&js_build=iclick-v1.457.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.457.0&bs=040ec744-1d2f-4fbe-9606-bc1fb53650c7&userId=74727c1ee4f347b18d0f6fd1cd8bf93c&m=link
IP 139.45.197.236:0
GET /?rb=M_-WJL8eQrI7R4QIE1o4VjBypH7VuCCOnWb5wGulc8qmUaYPL8r-zKab9gdy80E-pPhWLwLx_q8nWKDDnsbFQZ7crWGiR-K3EbNX85vW4VUh0TjwutdQDCn9VIaVUs7z2CS8avHsdwrgMI0Eqb0s48PlHnpUZAo_NUuVLovD-q92ZxxFHYCGmP-PaD1kfbEHs1urlx_hyQHPiMApFG1vDOK-lz52Md66FCUAsh10DgKtyuSielcvQA%3D%3D&request_ab2=96003&zoneid=5290228&js_build=iclick-v1.457.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.457.0&bs=040ec744-1d2f-4fbe-9606-bc1fb53650c7&userId=74727c1ee4f347b18d0f6fd1cd8bf93c&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Cookie: OAID=5dcdc0ef204f46bea9cbf9600ca7fa46; oaidts=1669941359
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/json
x-trace-id: f8589329008fa70dfaa43b8292e6d9e1
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=74727c1ee4f347b18d0f6fd1cd8bf93c; expires=Sat, 02 Dec 2023 00:36:00 GMT; path=/; secure; SameSite=None
oaidts=1669941360; expires=Sat, 02 Dec 2023 00:36:00 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 09 Dec 2022 00:36:00 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
api.purpleads.io/x/v/?ts=1669941358879
52.204.242.76200 OK 0 B URL HTTP/2 api.purpleads.io/x/v/?ts=1669941358879
IP 52.204.242.76:0
GET /x/v/?ts=1669941358879 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.0.21
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8=
Authorization: Bearer e870d9c685526361f0dfe0dbe722da83:78486cdd6d81b9a12ffc06178d32ba7ebbe9fa8e26f91bcddf2adadd02adf65ae34cdfe77754097fa2c7d26474961f11c0299b6f98c1e66eacc3320c8202d711
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:00 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: 05d34431-9ab3-470d-b2cb-dca987d0ad86
etag: W/"52c-wL+9/u2QRhFoBSfgRHa6C+Gt8nI"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP 142.250.74.106:0
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 00:36:02 GMT
date: Fri, 02 Dec 2022 00:36:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.fr.eu.criteo.com/dis/dis.aspx?pu=184677&cb=63894870994f3dfefc0fc05814d0e682
178.250.0.163200 OK 0 B URL HTTP/2 widget.fr.eu.criteo.com/dis/dis.aspx?pu=184677&cb=63894870994f3dfefc0fc05814d0e682
IP 178.250.0.163:0
GET /dis/dis.aspx?pu=184677&cb=63894870994f3dfefc0fc05814d0e682 HTTP/1.1
Host: widget.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:01 GMT
content-type: text/html
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
timing-allow-origin: *
server-processing-duration-in-ticks: 490028
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.dramacool9.co%2F&domain=www.dramacool9.co&gdprString=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.dramacool9.co%2F&domain=www.dramacool9.co&gdprString=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.dramacool9.co%2F&domain=www.dramacool9.co&gdprString=CPjXNRTPjXNRTBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 00:36:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.dramacool9.co
server-processing-duration-in-ticks: 629470
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2