www.dramacool9.co/200-pounds-beauty-episode-1/
104.21.51.232301 Moved Permanently 0 B URL HTTP/1.1 www.dramacool9.co/200-pounds-beauty-episode-1/
IP 104.21.51.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /200-pounds-beauty-episode-1/ HTTP/1.1
Host: www.dramacool9.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Dec 2022 11:13:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 04 Dec 2022 12:13:52 GMT
Location: https://www.dramacool9.co/200-pounds-beauty-episode-1/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRsN4M2UVc2cGpkcQ2EIsJNuZNjMe2pmN79m%2F8Z3pFRWGo1yiFBgpi7C9LUO72eGL5eWyV%2F9Y5aKma7XggsiBHzwuTJy19F7a4Iv3J33%2FfgCnMhs2heZ4JbBVDVysxjj4bxS2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77441d815b4cb524-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10737
Expires: Sun, 04 Dec 2022 14:12:50 GMT
Date: Sun, 04 Dec 2022 11:13:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 735
Cache-Control: max-age=170979
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:53 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:43:32 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5679
Expires: Sun, 04 Dec 2022 12:48:32 GMT
Date: Sun, 04 Dec 2022 11:13:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 10:20:05 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3228
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3I4801bxtqHaDTmrwiPomRY7Jv/GElD5NiUdmmyh/H11YiMFoo8Au5Hq55fRg3q1pHYny7+AwG0=
x-amz-request-id: ZHXKBC41ZSG8E836
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 10:46:57 GMT
age: 1616
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b0e66bc913adc0d7e5c2cdc557ae03d0
3d98588f1d9dd70061e64fb4c3458007e4c481f4
a9f56375b2b2d4d78bbf77605b696e365f436bde7a6ba9e5b11dcd46f7749766
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 565
Cache-Control: max-age=99155
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:53 GMT
Etag: "638b5f0f-117"
Expires: Mon, 05 Dec 2022 14:46:28 GMT
Last-Modified: Sat, 03 Dec 2022 14:37:03 GMT
Server: ECS (amb/6B8A)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b0e66bc913adc0d7e5c2cdc557ae03d0
3d98588f1d9dd70061e64fb4c3458007e4c481f4
a9f56375b2b2d4d78bbf77605b696e365f436bde7a6ba9e5b11dcd46f7749766
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 565
Cache-Control: max-age=99155
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:53 GMT
Etag: "638b5f0f-117"
Expires: Mon, 05 Dec 2022 14:46:28 GMT
Last-Modified: Sat, 03 Dec 2022 14:37:03 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1
104.17.24.14200 OK 1.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1
IP 104.17.24.14:0
File type ASCII text, with very long lines (3309)
Hash edf1dd25b1ab3d24fbf2444b4061838c
e59cb30ed49d56313ee1f770f6784f5faaa1199f
c31915d8a610a15ca29180348abb37bdaff9d8bde76f13c0e78bc841e633c06e
GET /ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 1120
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-d35"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2740508
expires: Fri, 24 Nov 2023 11:13:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUNkwCLXtsNhxpTUEFbiXd0Hiicl4%2BPeHthNNkE1qYJPxT515SuJXz1kuTaw8B%2FjLE9uoN9o5FMaiZiKyHii7ZCblRdNTKzu5BvrPIA5vfrnry6wXnHdEPtCkCk3ra23Sxdc%2FQV0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77441d8548e5b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 3.6 kB IP 142.250.74.131:0
Hash 6a29d783a890a72a54a54d79a51596cc
de68d084cb9efa14898becb925ef1b3635d4ed71
f149409b962dcb251183439bde51c7756c438dd5b1f1a855053a5d78984f6e6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce6fdd689fc6f44d85974e3f743331c1
8d41c076d277bc267ed4b1cab0389949cc72590e
26c86c66e3854454b5e0a34a0fa0b7d4605d0b7ca459053c2b0a5879dd8cf550
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26C86C66E3854454B5E0A34A0FA0B7D4605D0B7CA459053C2B0A5879DD8CF550"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4156
Expires: Sun, 04 Dec 2022 12:23:09 GMT
Date: Sun, 04 Dec 2022 11:13:53 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-131447009-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-131447009-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 293970ebf83b59cd594b286418eebdb4
35da184a093a3f47698351de458a9c83f6ddd031
3a84e0a38ba0172d119666beb1b65a4b1532f4380368bb96ec2b10f0b3707b78
GET /gtag/js?id=UA-131447009-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 11:13:53 GMT
expires: Sun, 04 Dec 2022 11:13:53 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.purpleads.io/agent.js?publisherId=b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
143.204.55.90200 OK 14 kB URL HTTP/2 cdn.purpleads.io/agent.js?publisherId=b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
IP 143.204.55.90:0
File type Unicode text, UTF-8 text, with very long lines (55480), with no line terminators
Hash a3bfc94d9e4a8dd2d5b78ad5fa404ae5
e217a54a2287525807532aef1ad9aaff2bba5be1
a2abcf9d6141c7aa9c628e99def49a14b3532ec215015822cdb348cb82da186c
GET /agent.js?publisherId=b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 13848
last-modified: Thu, 24 Nov 2022 08:42:09 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Dec 2022 01:22:54 GMT
etag: "a3bfc94d9e4a8dd2d5b78ad5fa404ae5"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pfKBrkwX0b-WQcXIUrt6yJtasvbbytDQe8-hPoBLm92sWMbotJP87A==
age: 35460
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=3133&uuid=e2b5b89f69c8462fae8811f58dbc5996&p=61&g=NO&token=4a44335432&tbg=1670152433
172.67.74.36200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=3133&uuid=e2b5b89f69c8462fae8811f58dbc5996&p=61&g=NO&token=4a44335432&tbg=1670152433
IP 172.67.74.36:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=3133&uuid=e2b5b89f69c8462fae8811f58dbc5996&p=61&g=NO&token=4a44335432&tbg=1670152433 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HyAqGrlR1IwdQxhajsuh30AOE285tTTAX1z%2Bx1GQ9e61V%2F61YtChZ9%2FPYZ6cuyem%2FQSNbLO0XW%2FmHUhS4zlvDMoSBtTkDnYKxwN5L58I%2BXUdHwGbiCt5xb%2BiNVW391Smbak%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d865958b521-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf3f9cc3fe76c56952b1fda81a9b713c
fe58be1351042c3494ba80703e46e1cd2aed218a
d5b3bff1f35639096fa01c5d941adc3e79ca6a54fe433070c9e6cfce3a0d0a27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5B3BFF1F35639096FA01C5D941ADC3E79CA6A54FE433070C9E6CFCE3A0D0A27"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2255
Expires: Sun, 04 Dec 2022 11:51:28 GMT
Date: Sun, 04 Dec 2022 11:13:53 GMT
Connection: keep-alive
imp9.bidgear.com/rec?t=1&z=6833&uuid=417fd40c34dc4d389e5eb2684c72a0f4&p=47&g=NO&token=4a44335432&tbg=1670152433
172.67.74.36200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6833&uuid=417fd40c34dc4d389e5eb2684c72a0f4&p=47&g=NO&token=4a44335432&tbg=1670152433
IP 172.67.74.36:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6833&uuid=417fd40c34dc4d389e5eb2684c72a0f4&p=47&g=NO&token=4a44335432&tbg=1670152433 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAox%2FB4rdF6VMyiiWqPRAvGDTGG2CjxxsyLm9f6nW5wmf3tDB%2F7z2BIIrUYpDRsy1Eggi57LYDRN1sexUtLOMtJN7N9824Ism77mgzXWWTOEbR77d8nX0Hw5fSr4DQlaLNQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d865957b521-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf26b38d90886fa48e5996ba1d21f66a
7dac6797732d0578e105613617efc4a97b554626
e362cdb0dbe793286986518e22028b25a934b27c5527b1cfb702535574a1e349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E362CDB0DBE793286986518E22028B25A934B27C5527B1CFB702535574A1E349"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10957
Expires: Sun, 04 Dec 2022 14:16:30 GMT
Date: Sun, 04 Dec 2022 11:13:53 GMT
Connection: keep-alive
cenaclesuccoth.com/1clkn/16782
172.255.6.58200 OK 26 B URL HTTP/1.1 cenaclesuccoth.com/1clkn/16782
IP 172.255.6.58:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/16782 HTTP/1.1
Host: cenaclesuccoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 11:13:53 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 05-Dec-2022 11:13:53 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 05-Dec-2022 11:13:53 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 11:08:58 GMT
cache-control: public,max-age=3600
age: 295
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
vd.scapemambu.com/tYPk4HtKSy6E/16260
172.255.6.222200 OK 25 B URL HTTP/1.1 vd.scapemambu.com/tYPk4HtKSy6E/16260
IP 172.255.6.222:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tYPk4HtKSy6E/16260 HTTP/1.1
Host: vd.scapemambu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 11:13:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 05-Dec-2022 11:13:53 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 05-Dec-2022 11:13:53 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.24200 OK 12 kB URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash 4734a68a92a11b66c3b927f084fef697
3dc6166d336167fa296c029699c5db1f1ae85a23
d8bcb739f0124c52cf26dccc319b3aa5a7a51aa8ca1ce5a7363b55adff29a6fe
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Sun, 04 Dec 2022 11:18:53 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
imp-dsp.bidgear.com/rec?viewId=ZxTIcYxOODqH0BFgwo9e9nN09H0Lj8Hf73Unqc09ATWu7hVIFr4EK8nzIkaloJ9edYIQWazhKdw1QCwITWFQKpCtCxlreZphAGxn82pN4fB000GrA5QKxibdegn5nPDmF7kLaClHmgJqSVNs0UB001Gx3Zj7bwB001G5MAhw2oHu1O6ZPa4bRL4SNHgI3ZQzjrMGScGJZKrvkHbv9CNwrBDj0FfiTaVIp4SYpYqB000G5CWt0y3x2TH0RFmyVNHuqHApfUy9B000GGHtEKrtrnfXTgB002GB002G&token=40b99868e3&time=1670152433
172.67.74.36200 OK 1 B URL HTTP/2 imp-dsp.bidgear.com/rec?viewId=ZxTIcYxOODqH0BFgwo9e9nN09H0Lj8Hf73Unqc09ATWu7hVIFr4EK8nzIkaloJ9edYIQWazhKdw1QCwITWFQKpCtCxlreZphAGxn82pN4fB000GrA5QKxibdegn5nPDmF7kLaClHmgJqSVNs0UB001Gx3Zj7bwB001G5MAhw2oHu1O6ZPa4bRL4SNHgI3ZQzjrMGScGJZKrvkHbv9CNwrBDj0FfiTaVIp4SYpYqB000G5CWt0y3x2TH0RFmyVNHuqHApfUy9B000GGHtEKrtrnfXTgB002GB002G&token=40b99868e3&time=1670152433
IP 172.67.74.36:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /rec?viewId=ZxTIcYxOODqH0BFgwo9e9nN09H0Lj8Hf73Unqc09ATWu7hVIFr4EK8nzIkaloJ9edYIQWazhKdw1QCwITWFQKpCtCxlreZphAGxn82pN4fB000GrA5QKxibdegn5nPDmF7kLaClHmgJqSVNs0UB001Gx3Zj7bwB001G5MAhw2oHu1O6ZPa4bRL4SNHgI3ZQzjrMGScGJZKrvkHbv9CNwrBDj0FfiTaVIp4SYpYqB000G5CWt0y3x2TH0RFmyVNHuqHApfUy9B000GGHtEKrtrnfXTgB002GB002G&token=40b99868e3&time=1670152433 HTTP/1.1
Host: imp-dsp.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: text/plain; charset=utf-8
content-length: 1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHHBXByjVRGJ7iRyiDHKk3YzP9p0mBO5SwFtwJ3k89Odgtl4weofZgKe0rilSTKYvufBgjqdT%2FiflN7rvfU6cR0wwAcbU27acgRFxxvQOHRhld8AR%2Fyv5EIDW6v0lPWXXJFc7ws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d877ac5b521-OSL
X-Firefox-Spdy: h2
platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=3133
172.67.74.36200 OK 727 B URL HTTP/2 platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=3133
IP 172.67.74.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1449), with no line terminators
Hash 3e642c1b6356d220050f9284bf5c4f95
982b5eec8f21e66dcb153451be5edfc89d8e8b32
64d2727d007410bdccf891430b6d8a4d61fdd103e9e7799c4a74d79454d40011
GET /ads.php?domainid=2175&sizeid=2&zoneid=3133 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYxWorbKcGh9lnTnmNnRrvID80rs6iuutlbNshNl6KGqR5P2G5kBsIWoJSywjomcmstZ2pv%2ByuRDf8VdLskhsVX0SFK2kL7tA8EC32%2BHWvprR2gVG8W6a%2Bd6BHlUvwQJDgu4mlAo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d85888bb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 722
Cache-Control: max-age=165900
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:53 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:18:53 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6a7a5b800a5dfec2f1cb8eeabb9a02fb
630674ccb16ab18772e31872073146eb78931a84
73f0be9aa796632bdba18671eaeef889703e9c603903ecb137a593cbbd4a02e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73F0BE9AA796632BDBA18671EAEEF889703E9C603903ECB137A593CBBD4A02E3"
Last-Modified: Sun, 04 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11746
Expires: Sun, 04 Dec 2022 14:29:40 GMT
Date: Sun, 04 Dec 2022 11:13:54 GMT
Connection: keep-alive
cdn.purpleads.io/video-agent.js?publisherId=e870d9c685526361f0dfe0dbe722da83:78486cdd6d81b9a12ffc06178d32ba7ebbe9fa8e26f91bcddf2adadd02adf65ae34cdfe77754097fa2c7d26474961f11c0299b6f98c1e66eacc3320c8202d711
143.204.55.90200 OK 15 kB URL HTTP/2 cdn.purpleads.io/video-agent.js?publisherId=e870d9c685526361f0dfe0dbe722da83:78486cdd6d81b9a12ffc06178d32ba7ebbe9fa8e26f91bcddf2adadd02adf65ae34cdfe77754097fa2c7d26474961f11c0299b6f98c1e66eacc3320c8202d711
IP 143.204.55.90:0
File type Unicode text, UTF-8 text, with very long lines (43290), with no line terminators
Hash 7fc0d255881423d2a1fac4caa027bd71
ef65f30cc165b3359e9abae7dcabe14e624a4efc
053acf5077e8aeab1e2277c5f00d9d7936064ca2b1b77e35e25148ea32f07502
GET /video-agent.js?publisherId=e870d9c685526361f0dfe0dbe722da83:78486cdd6d81b9a12ffc06178d32ba7ebbe9fa8e26f91bcddf2adadd02adf65ae34cdfe77754097fa2c7d26474961f11c0299b6f98c1e66eacc3320c8202d711 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 14935
last-modified: Wed, 23 Nov 2022 14:06:42 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Dec 2022 02:54:29 GMT
etag: "7fc0d255881423d2a1fac4caa027bd71"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 38Pd6EXVssSkKossRMaJbuEL8qNgLkTj-OYx6gZGHXpnCOc_uBsa4A==
age: 29966
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=5787&uuid=b1fa6c0cc24143c98e2adaf0ca14b85a&p=61&g=NO&token=4a44335432&tbg=1670152433
172.67.74.36200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=5787&uuid=b1fa6c0cc24143c98e2adaf0ca14b85a&p=61&g=NO&token=4a44335432&tbg=1670152433
IP 172.67.74.36:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=5787&uuid=b1fa6c0cc24143c98e2adaf0ca14b85a&p=61&g=NO&token=4a44335432&tbg=1670152433 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ab9VQGqwcbmzenjmfRRkbSg8Tufadg8nNb9PvE4tQFqUwWGQIQVpRow1pt%2B%2BMJJEU7%2FPJ6sd05GuEXPukvS4t9PZT8ZETjXsNgighGvDIweiiSX1aOkQcl3zK72XoR6B%2FYY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d88fc89b521-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e0ea85f891db21439219b3bbe0da502
94ce994e92083118f2d755d1b38b5ba0c738893e
6b1d13666a6953e0523c6d7687b335b8b94b110b3733935b14dde4080ac80575
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B1D13666A6953E0523C6D7687B335B8B94B110B3733935B14DDE4080AC80575"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18246
Expires: Sun, 04 Dec 2022 16:18:00 GMT
Date: Sun, 04 Dec 2022 11:13:54 GMT
Connection: keep-alive
imp9.bidgear.com/rec?t=1&z=7307&uuid=1baaa8a43a9f4e3d88e01cea4ad66f1f&p=17&g=NO&token=4a44335432&tbg=1670152433
172.67.74.36200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=7307&uuid=1baaa8a43a9f4e3d88e01cea4ad66f1f&p=17&g=NO&token=4a44335432&tbg=1670152433
IP 172.67.74.36:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=7307&uuid=1baaa8a43a9f4e3d88e01cea4ad66f1f&p=17&g=NO&token=4a44335432&tbg=1670152433 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCOqHFBwUVw4PNcNjLLPWYbnmIJPBhESlfMuIiRfBOcCZgVuLVuYgszeqFyenS0lykpm7k1gYJpU9PEXyTVtGmgOkNVqFlpH4oqgvvhvyl1W0wLuukvthi1xWtEi2wQgMpU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d891cb9b521-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.86.38.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2bxoSIWtokuZo3tsB8DG7w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cJU6szd1IudN3OkaOxjscYO4+XI=
cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
205.185.216.42200 OK 86 kB URL HTTP/2 cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (65020)
Hash 700d1de734b4979c4c3059b613e9d7b1
0a7d2ad10cba258cfc2e0376240852a4ae5f4012
2031fbefbf1b070dcf0ebb746438e628fdd59c7daac6952000ef9056b7294eb6
GET /prebid-video-7.22.0-2022-10-26.gz.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-encoding: gzip
content-length: 86507
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 13:24:00 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "700d1de734b4979c4c3059b613e9d7b1"
cache-control: max-age=31536000
x-amz-request-id: tx0000000000001178867eb-00635934f6-34c6886a-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670152434.dop002.sk1.t,1670152434.cds250.sk1.hn,1670152434.cds218.sk1.c
X-Firefox-Spdy: h2
tags.h12-media.com/load2.js
154.51.131.141200 OK 98 kB URL HTTP/2 tags.h12-media.com/load2.js
IP 154.51.131.141:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 23a5f46fa4ce325c30a3be4a2aef0c01
ca5893e62be0bce6884ec6ba96ea657b3724dff4
3ca6aee82460751181b5037387ed29a0316eaa3cefb66262be18497fbb64fb31
GET /load2.js HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 20:29:09 GMT
accept-ranges: bytes
etag: "86b5363fc3fad81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Sun, 04 Dec 2022 11:13:54 GMT
content-length: 98011
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/-vxfTfXSd1s
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/-vxfTfXSd1s
IP 142.250.74.131:0
Hash c0b16aeb8ef51d50c529c93692a8f34e
c372db50d7eb733afb39dccb1d70a657b7c9f60d
3a5de8bd0942af79fdae6bdf68aa4b11d2f6c61379e9d62bb26aac634c9db252
POST /s/gts1p5/-vxfTfXSd1s HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.purpleads.io/x/init?ts=1670152431459
18.205.250.251200 OK 89 B URL HTTP/2 api.purpleads.io/x/init?ts=1670152431459
IP 18.205.250.251:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0d87ef7e4d600d371efb20b85aad5249
c1ffdba7ff82c34dde36160a00417c2669dd8d3c
0922db680b6951385301ea921f64357700c286ed20d1a16beaf95ee8486d1b43
OPTIONS /x/init?ts=1670152431459 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: bec16da3-5289-4bd1-b0c2-71b08e12a19f
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b1137562d40ae0c8a5436302f51e5691
af774c2ea04a734daa7ca373caf8303d272116f4
0ef9c269d2cd40f3d1a599ed4e95efdaaa9521e8e4e821a34656e17d663b216d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0EF9C269D2CD40F3D1A599ED4E95EFDAAA9521E8E4E821A34656E17D663B216D"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16109
Expires: Sun, 04 Dec 2022 15:42:23 GMT
Date: Sun, 04 Dec 2022 11:13:54 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 6712326b0b01c7cf34ccd88c0667eeb6
57efcfc85e04d7b1e5ab71079da8cd55399a6700
fc7b36d22638e277002eeb00d2abe9a234ef2f2fbb64e0236ed06b98d138a4a7
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:13:54 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 23:02:11 GMT
Expires: Sat, 10 Dec 2022 23:02:10 GMT
Etag: "57efcfc85e04d7b1e5ab71079da8cd55399a6700"
Cache-Control: max-age=560295,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77441d89ea1d0b4d-OSL
na.nawpush.com/tags/20140?version_name=c
45.133.44.25200 OK 7.1 kB URL HTTP/2 na.nawpush.com/tags/20140?version_name=c
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash b015b2ff60acc564e0327df8889bc095
56e1518c276d7f5cccb9daa0078629c50794549b
29f8743acb2bc5e832fb69cd1bc036f8256dcb6157dea644913b872bc54fafdf
GET /tags/20140?version_name=c HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: EXPIRED
access-control-allow-origin: *
X-Firefox-Spdy: h2
ghb.adtelligent.com/geo
185.239.173.210200 OK 154 B IP 185.239.173.210:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ec65f841b5dcd74e7fbf6d72c39f8be4
a870e91242dd88bff2656674e85a819bab155c86
b5766bf1a0d74789f005f8935e4a0c88abe930f2f6df469ffe397038d955df54
GET /geo HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Sun, 04 Dec 2022 11:13:53 GMT
Content-Type: application/json
Content-Length: 154
Access-Control-Allow-Origin: https://www.dramacool9.co
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
api.purpleads.io/x/b/?idx=1&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[160,600],[120,600]]&slotid=e01834ec-1707-4ce6-9397-5c6d79aa5cc2&ts=1670152431838
18.205.250.251200 OK 2.0 kB URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[160,600],[120,600]]&slotid=e01834ec-1707-4ce6-9397-5c6d79aa5cc2&ts=1670152431838
IP 18.205.250.251:0
Hash 50c2875d837b70890ee3cd79df521110
8c82e7899ca27d52188f28960004bfa788267b2c
b6ddd43fa8f47a82d1bc2549f26692bb0abebe7c5b2a61a6c8acbbaca7b643df
GET /x/b/?idx=1&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[160,600],[120,600]]&slotid=e01834ec-1707-4ce6-9397-5c6d79aa5cc2&ts=1670152431838 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.2.13
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8yMDAtcG91bmRzLWJlYXV0eS1lcGlzb2RlLTEv
Authorization: Bearer b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: e78de79f-e761-4045-b0d4-07b0cbaf2c69
etag: W/"d4b-23TEN+YaDImc8ERpDj3bnHwBYrs"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
notification.tubecup.net/tags?tag_id=20140&timezone_olson=UTC&version_name=c
88.198.136.234200 OK 6.9 kB URL HTTP/2 notification.tubecup.net/tags?tag_id=20140&timezone_olson=UTC&version_name=c
IP 88.198.136.234:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (6852), with no line terminators
Hash ca6cfb253bfb5c17f2bf1b0c8f807e06
cc7cc3086029273c7c1906cff83214e57e2ca79b
1f034ecbf88b785feddcbc592787572e7ea1b383c8ca3b26b338acdde544aa6b
GET /tags?tag_id=20140&timezone_olson=UTC&version_name=c HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/json
content-length: 6852
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2f9e10a886a2cd0a67947425a87c9df0
d0fab34cf4609257b5fb7d35c0e8e933946ec1c6
867640c2bef650e0efd8fca1fc8796caca5509354f5d673c264b3d67bd5b5a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "867640C2BEF650E0EFD8FCA1FC8796CACA5509354F5D673C264B3D67BD5B5A1E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6486
Expires: Sun, 04 Dec 2022 13:02:00 GMT
Date: Sun, 04 Dec 2022 11:13:54 GMT
Connection: keep-alive
tzegilo.com/stattag.js
104.21.84.149200 OK 5.5 kB IP 104.21.84.149:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash 8d6e656b026d530a2d2a1186b46e6a01
bf1a704d693461a1f614a80597e9faba58237a44
bf46a78655c1b59d8a9026fd0f35ba4e491639dbae2026e65598a1524f477f49
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3341
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zC0M7r4kUeSJgd2pEtulnjbx375YXGGoC0DHmtxjqmbCmPS7U%2B8C93eUlzvKvv%2BcAK1Qlm4K%2FHa9nLuwsCwaf7hkwhLgHNeE7rzH0S%2B12k3A8wWNgEdbZVRDvB%2FOWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77441d8b6a2db4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8edd968aa2e15cf911ada63376af7729
c621050fc0869965f1a17a5bed6e7da1fb28f736
bfa24b0fc003dc65c8f297281c4588f28156592605b04b363465befb6df45d79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BFA24B0FC003DC65C8F297281C4588F28156592605B04B363465BEFB6DF45D79"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14527
Expires: Sun, 04 Dec 2022 15:16:01 GMT
Date: Sun, 04 Dec 2022 11:13:54 GMT
Connection: keep-alive
fp.metricswpsh.com/fp?tag_id=20140
157.90.84.242204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=20140
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=20140 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sun, 04 Dec 2022 11:13:54 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.dramacool9.co
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cdn.psdn.xyz/prebid-7.22.0-2022-10-26.js
205.185.216.42200 OK 110 kB URL HTTP/2 cdn.psdn.xyz/prebid-7.22.0-2022-10-26.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (64899)
Size 110 kB (110489 bytes)
Hash 57c01fea38b0b55be8f8695b6c4988ff
4032cfd77db4cefcc38aedac4b9bbf9f4c51639e
b9f42206a1196365d65749aa3bececd05e35895c8608e7553d358132987191f9
GET /prebid-7.22.0-2022-10-26.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-encoding: gzip
content-length: 110489
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 13:07:08 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "57c01fea38b0b55be8f8695b6c4988ff"
cache-control: max-age=31536000
x-amz-request-id: tx00000000000010ab6e820-006359394f-34c5ae65-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670152434.dop002.sk1.t,1670152434.cds250.sk1.hn,1670152434.cds204.sk1.c
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e7f182bc423c8e0b694072f316dfbf3c
cea3572598e1b5c8c5249cabf5ea99e56dc7e02d
02b4ac24bfa51f27fc2e507fb5d923751a9f6566eb98f3b8255a7d05f42d85c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:13:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 12:52:22 GMT
Expires: Thu, 08 Dec 2022 12:52:21 GMT
Etag: "cea3572598e1b5c8c5249cabf5ea99e56dc7e02d"
Cache-Control: max-age=350906,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77441d8c5b53fac4-OSL
fp.metricswpsh.com/fp?tag_id=20140
157.90.84.242200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=20140
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=20140 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22286
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 04 Dec 2022 11:13:54 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
Set-Cookie: id=3701470397256611626; Expires=Mon, 04 Dec 2023 11:13:54 GMT; Secure; SameSite=None
Vary: Origin
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 924
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 04 Dec 2022 11:13:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.dramacool9.co
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7a1a6d0d6f9fb6292123c2bc440e9359
394cecbaa4000b8b9873604c1f15834da8e9aaec
367ad33bb7199915eefc628c1d11521206f8b0aa403b3b3caf91e126834d80d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3012
Cache-Control: max-age=101961
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:54 GMT
Etag: "638b6077-117"
Expires: Mon, 05 Dec 2022 15:33:15 GMT
Last-Modified: Sat, 03 Dec 2022 14:43:03 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
asianplay.pro/js/common.min.js?v=10.1.19
172.67.74.229200 OK 2.8 kB URL HTTP/2 asianplay.pro/js/common.min.js?v=10.1.19
IP 172.67.74.229:0
File type ASCII text, with very long lines (5707), with no line terminators
Hash 3c95dbde90f21ccd6670c805b055cdf4
19a1129556b69641bc4a06a42f62fbaf4862646c
8c52f18716787b5265d41bf44103c7ee3fa8e79297ae8f5ec043bbfe0d40cfe9
GET /js/common.min.js?v=10.1.19 HTTP/1.1
Host: asianplay.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://asianplay.pro/streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Fri, 31 Dec 2021 07:33:23 GMT
etag: W/"61ceb243-164b"
expires: Tue, 13 Dec 2022 03:55:59 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1840675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFaM1L3s1grr6B8TByLNd04lRz%2FdPO9%2FR2imwkY0%2BpGKlnGKUu1rqTmDL3eQOOr16shvp6gzNkkJABeAQuw%2Fyw52J1vhgT9oZQOUOeXcX0386IG2RTzxBxBWngeiQrs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d8d3ca90b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e665c7e4e1613bb475db67c4109c1081
54b57551c13f5be31aceae725428307339dd87ae
ebc8dfacfc5652d56b52a23cc0af3d2bf9bb9d0daa25b6dc7a78d336ab202001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBC8DFACFC5652D56B52A23CC0AF3D2BF9BB9D0DAA25B6DC7A78D336AB202001"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4913
Expires: Sun, 04 Dec 2022 12:35:47 GMT
Date: Sun, 04 Dec 2022 11:13:54 GMT
Connection: keep-alive
cdn.purpleads.io/agent.js?publisherId=428815d88ce4b7fa1620e69d589f6922:4c98cc2dc8da815382040bcb67017baa85fa0463c4f808fe01684405d98f84e8088a4b3bc684bc279c4f2f3ea91e724755a1f199a041b51fec4b55ceb6807923
143.204.55.90200 OK 14 kB URL HTTP/2 cdn.purpleads.io/agent.js?publisherId=428815d88ce4b7fa1620e69d589f6922:4c98cc2dc8da815382040bcb67017baa85fa0463c4f808fe01684405d98f84e8088a4b3bc684bc279c4f2f3ea91e724755a1f199a041b51fec4b55ceb6807923
IP 143.204.55.90:0
File type Unicode text, UTF-8 text, with very long lines (55480), with no line terminators
Hash a3bfc94d9e4a8dd2d5b78ad5fa404ae5
e217a54a2287525807532aef1ad9aaff2bba5be1
a2abcf9d6141c7aa9c628e99def49a14b3532ec215015822cdb348cb82da186c
GET /agent.js?publisherId=428815d88ce4b7fa1620e69d589f6922:4c98cc2dc8da815382040bcb67017baa85fa0463c4f808fe01684405d98f84e8088a4b3bc684bc279c4f2f3ea91e724755a1f199a041b51fec4b55ceb6807923 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 13848
last-modified: Thu, 24 Nov 2022 08:42:09 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Dec 2022 01:22:54 GMT
etag: "a3bfc94d9e4a8dd2d5b78ad5fa404ae5"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mI7F9AH-TXIQUSHgXrFqxoAdExnYfsk9BX7Poxcao15eOFxFM7gWoQ==
age: 35461
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5eb00dc18f3495844182a1c491133420
b3c812709baca164e10c1c02faa296078df033b8
ad31cab0bffc1f3113d749bc5b525d5a478649958c47a22a4aef7dc6abd873af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5665
Cache-Control: max-age=156100
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:54 GMT
Etag: "638c2995-116"
Expires: Tue, 06 Dec 2022 06:35:34 GMT
Last-Modified: Sun, 04 Dec 2022 05:01:09 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 882
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: max-age=0, private, must-revalidate
date: Sun, 04 Dec 2022 11:13:54 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
asianplay.pro/player/css/main.css?v=10.1.19
172.67.74.229200 OK 920 B URL HTTP/2 asianplay.pro/player/css/main.css?v=10.1.19
IP 172.67.74.229:0
Hash a209d31c3de15ed53cb583c0d2e445fe
d03cdc601037fac1725035cb428fa7adbff39b34
061d11f43063f869a6b377c51539aa33a3520236b2791b3cabd61bb58806e910
GET /player/css/main.css?v=10.1.19 HTTP/1.1
Host: asianplay.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://asianplay.pro/streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Tue, 26 Mar 2019 10:08:11 GMT
etag: W/"5c99fa0b-797"
expires: Tue, 13 Dec 2022 03:55:59 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1840675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTsggm%2BF9XMEryW5%2FFuXZaFg69Uup0wWbxDTCdw%2BF146ThcSWHYfu8Cdx4xw20%2FcuJgG6MTttemEWKuvVNB7nVXEEJ89p7jNWFAHBbpJOfY2rx0oNk21EuEv7g8GNbA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d8d3ca20b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c81450d0f73df1d3d1765f90dbbe1c13
4ace2d5cdeb4fafca9c61d6149196b163e2aeb77
c9cb590684a092812dedc6ce211c83ae4de298cb78758da3c798c3cd9de68b33
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6486
Cache-Control: max-age=146835
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:54 GMT
Etag: "638c022f-1d7"
Expires: Tue, 06 Dec 2022 04:01:09 GMT
Last-Modified: Sun, 04 Dec 2022 02:13:03 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
my.rtmark.net/gid.js?userId=f725b9bd438a4b5b8c3927222252beef
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=f725b9bd438a4b5b8c3927222252beef
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash ee7d6932aa7a9f4ed19c6cafeb6dffb5
f4a3b18f9634408af6dacae22d5e47de673dbaa4
e8752efc73a35ce8da5445a20345729de3de6eefbcbcba6db95ff13a16920da0
GET /gid.js?userId=f725b9bd438a4b5b8c3927222252beef HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f725b9bd438a4b5b8c3927222252beef; expires=Mon, 04 Dec 2023 11:13:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a76195c327e24a6bbde147e87dd13e87
1bf2c34ddbb4ae77191c4042e508e1e20f4aabfb
710f409e159083f2c2df90b250fd12a36875c3fbbd9b53a93bdbe1a7c115293c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "710F409E159083F2C2DF90B250FD12A36875C3FBBD9B53A93BDBE1A7C115293C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9984
Expires: Sun, 04 Dec 2022 14:00:18 GMT
Date: Sun, 04 Dec 2022 11:13:54 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4b07d4c930a55d754f759556d0515d2c
4f970ae6a343ab9d6d4cf22855b0006855770e6b
7f2d2e48a1b7998278194147366b1b5f94625903a1e3e3f1a7db9133eb76d8e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7F2D2E48A1B7998278194147366B1B5F94625903A1E3E3F1A7DB9133EB76D8E6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16105
Expires: Sun, 04 Dec 2022 15:42:19 GMT
Date: Sun, 04 Dec 2022 11:13:54 GMT
Connection: keep-alive
ib.adnxs.com/ut/v3/prebid
37.252.171.84200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b0bc1c44428af495ef881cdc963c7fbc
68725bc19183238ecd5dfcc08ed9fac588773c9b
15d5cc8f102cc9409b49c2b4536b6c0e3f5922b31ad78cc8f470782a23ef36bb
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 682
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 11:13:54 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
AN-X-Request-Uuid: 09267e71-064a-431a-9f51-876622ff61a1
Set-Cookie: icu=ChkI8aWIARAKGAEgASgBMPKBspwGOAFAAUgBEPKBspwGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 11:13:54 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=4802686292990118451; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 11:13:54 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 405
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 11:13:54 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 10:41:08 GMT
expires: Sun, 04 Dec 2022 12:41:08 GMT
cache-control: public, max-age=7200
age: 1966
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
188.114.99.234200 OK 24 kB IP 188.114.99.234:0
File type ASCII text, with very long lines (65354)
Hash ce326a4f9367ce37f30e61e7d51012b4
015c6978f4ef794249297493515202fc6259294e
a9816732e5b5541cbfe5f9d07bedd06b07a2354e597cbc34ab6bb4cd11617a8a
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/javascript
x-amz-id-2: 6PeMiMauwVpaIa7ZXWsIZE4fYPuBp4wCgfDclWCkL8EsnXeWlayXOVWt7Enwf8ldl7u/ig+6zXQ=
x-amz-request-id: JCYNYTZYG1ZDMXWB
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 22 Nov 2022 09:44:15 GMT
etag: W/"c56b6332dacf72f135afcd153ae22448"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1041890
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrBFNZheZO5yOvDbwvXuDcECZsrMmpHz5oLnHo69QPMiFpHJNKYpWT9IqnmbhnyPhyVKvzQ4iz%2F3dFTSnh9Tmo3nfVS5snLIbd8LK6jMI5%2BT%2BIoQ2D2cg1Zo2runOZdp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d8dca8db518-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.movcloud.net/v1/count/drama/en/episode/24138
172.67.210.209200 OK 0 B URL HTTP/2 api.movcloud.net/v1/count/drama/en/episode/24138
IP 172.67.210.209:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/count/drama/en/episode/24138 HTTP/1.1
Host: api.movcloud.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://asianplay.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGpBIbJmUhBmflD55mkBeAOjLh68ZoG3FaWWZOOnBXS%2FlGASiGHC4u1Chiq8%2B3xPWgeGqK%2BUaw%2FOe30iETDZBN5JnCRUcH5ZJEh4QW0soaJe6kcSBCRMNbAtvffgsVV1jjcJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d8dd91e1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e7c72fc6bb40fc14822eb31bec896046
a6a003ecf9e61d85c70ad49a86a561c018dee69e
b4018e88d58a8c3e831ecf88810decc51dab5c0917f3dd0fcf69190a4c02c5b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4018E88D58A8C3E831ECF88810DECC51DAB5C0917F3DD0FCF69190A4C02C5B5"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4266
Expires: Sun, 04 Dec 2022 12:25:00 GMT
Date: Sun, 04 Dec 2022 11:13:54 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4b07d4c930a55d754f759556d0515d2c
4f970ae6a343ab9d6d4cf22855b0006855770e6b
7f2d2e48a1b7998278194147366b1b5f94625903a1e3e3f1a7db9133eb76d8e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7F2D2E48A1B7998278194147366B1B5F94625903A1E3E3F1A7DB9133EB76D8E6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16105
Expires: Sun, 04 Dec 2022 15:42:19 GMT
Date: Sun, 04 Dec 2022 11:13:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe86c95c6bba827b34425eecc4aa8979
2cad20def9beb272912964572bea97ec58df868e
b1163bc7a712f0a44559b6cbcb03fa4d81df094b90ca773fb80262aa7e33318a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 177
Cache-Control: max-age=140902
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:54 GMT
Etag: "638c03a7-1d7"
Expires: Tue, 06 Dec 2022 02:22:16 GMT
Last-Modified: Sun, 04 Dec 2022 02:19:19 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 25b6359c83340f619ebf9a7bf75be58e
1afc9e9ed1c1c57c8fd6b934489244a25612778a
3e95976d851c18179fa4bff928c3809735d71c27d131359ff839013421aa266c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93558
Date: Sun, 04 Dec 2022 11:13:54 GMT
Etag: "638b488c-1d7"
Expires: Mon, 05 Dec 2022 13:13:12 GMT
Last-Modified: Sat, 03 Dec 2022 13:01:00 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rgD0sFAIe9XiG0buWygiD2qjQqYJKqdKfn0J75PxzFGes8nbgaq8og==
Age: 732
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cfdb31abf3a4a7a85d5d871fdf3623bb
a6105ee3908a43ac1c84979f4379574c9a96f447
bd30f0e133f1b7c58b692c9aad70688212ecca718cf2328d9d3fc474344af560
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4967
Cache-Control: max-age=153208
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:54 GMT
Etag: "638c2103-116"
Expires: Tue, 06 Dec 2022 05:47:22 GMT
Last-Modified: Sun, 04 Dec 2022 04:24:35 GMT
Server: ECS (amb/6BA6)
X-Cache: HIT
Content-Length: 278
imasdk.googleapis.com/js/sdkloader/ima3.js
216.58.211.10200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (2791)
Size 127 kB (126620 bytes)
Hash f641dae66d812e803cbfc91d689e2ea8
96372a7ba661528d13bc774536d04ab3e03b82d6
e78b718ac77697fbb92e88ac394141adc4e016830eb04d53279238cbcd65435b
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126620
date: Sun, 04 Dec 2022 11:13:54 GMT
expires: Sun, 04 Dec 2022 11:13:54 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
b1h-euc1.zemanta.com/api/bidder/prebid/bid/
213.227.153.221204 No Content 0 B URL HTTP/1.1 b1h-euc1.zemanta.com/api/bidder/prebid/bid/
IP 213.227.153.221:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/bidder/prebid/bid/ HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 475
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 4189c580836a796b5399df0a0e61bb4f
3c11d27a75945c71dd8ae2599ba77074730875b2
58be7a8e3c0f2a41104797acf5b334d144d7567f32fe4e2e871740237bdb84fd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98024
Date: Sun, 04 Dec 2022 11:13:55 GMT
Etag: "638b5c21-1d7"
Expires: Mon, 05 Dec 2022 14:27:39 GMT
Last-Modified: Sat, 03 Dec 2022 14:24:33 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: K3dEeiPVUs498_st91PJ229uhHe2L1kul6uRhB1_63lcG1A6I7RH0g==
Age: 186
tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&tmax=3000
3.121.20.22200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&tmax=3000
IP 3.121.20.22:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 374
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:55 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f1dacaaa678dfa6d22420a8b46047d44
8b80f47f01cc0714a47ff3d734b6bce89756ec26
6533e522fdc5ac5af0079b6c4599cee64810a54671c9e4c49f8a79597b57926e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:13:55 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 18:34:07 GMT
Expires: Fri, 09 Dec 2022 18:34:06 GMT
Etag: "8b80f47f01cc0714a47ff3d734b6bce89756ec26"
Cache-Control: max-age=457810,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77441d8e1c89fac4-OSL
asianplay.pro/streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB
172.67.74.229200 OK 24 kB URL HTTP/2 asianplay.pro/streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB
IP 172.67.74.229:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (55012)
Hash 6fa272c3697ace349e26d092d636c4a4
77d61b7ae05d4e9f7fde1c76e36495ffaee31453
6fdea8b4639ab2eb7dd44866fa3cf8285cb5b0d114c6b86a60c0b3de2a46991c
GET /streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB HTTP/1.1
Host: asianplay.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/5.6.13
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFoFT8oU%2Fs6DXaxnNBYWrFIivQboe63kfq6H20VXNkXcCsGrsz4QaLEULbvSp3hlhUDHaKBhzFcGeylsSzs3rnbrsxJGoUl8%2BU4w4qTQHboiHY7T7jhpHiyNo8mT9Ko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d8a9a8a0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11299
Expires: Sun, 04 Dec 2022 14:22:14 GMT
Date: Sun, 04 Dec 2022 11:13:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11299
Expires: Sun, 04 Dec 2022 14:22:14 GMT
Date: Sun, 04 Dec 2022 11:13:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11299
Expires: Sun, 04 Dec 2022 14:22:14 GMT
Date: Sun, 04 Dec 2022 11:13:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11299
Expires: Sun, 04 Dec 2022 14:22:14 GMT
Date: Sun, 04 Dec 2022 11:13:55 GMT
Connection: keep-alive
www.statcounter.com/counter/counter.js
104.20.218.77200 OK 23 kB URL HTTP/2 www.statcounter.com/counter/counter.js
IP 104.20.218.77:0
File type ASCII text, with very long lines (43632), with no line terminators
Hash 3591bb65950a84f1e51d43647e6ecb8e
6cae8ace226a3e4960bfee60f3883b785dffdee8
e6754cfbd33d8891e7137c2db6c9cd4f434366ef4c590421e8dc6029015e5755
GET /counter/counter.js HTTP/1.1
Host: www.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 01 Dec 2022 18:49:39 GMT
etag: W/"6388f743-aa70"
expires: Sun, 04 Dec 2022 22:49:11 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 1484
server: cloudflare
cf-ray: 77441d8f7db20b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 48234
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 48253
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 19115
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ledrapti.net/5/5256424
139.45.197.238200 OK 34 kB IP 139.45.197.238:0
Hash be136768e41ca5bbf302a54911b4bb63
a34847d5b5a8a2335c507f534ec7b7ebca05fe69
6b95b98b05216e080547048f944bd9d6d6a290826789c50d911ba5a7903bc231
Analyzer Verdict Alert quad9 Sinkholed
GET /5/5256424 HTTP/1.1
Host: ledrapti.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://asianplay.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/javascript
x-trace-id: 71d17fb5ca7cc9d41cbd7f34d0c67417
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=115501b526384011a4a79932491ce319; expires=Mon, 04 Dec 2023 11:13:54 GMT; path=/; secure; SameSite=None
oaidts=1670152434; expires=Mon, 04 Dec 2023 11:13:54 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 48594
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=d2ri297262ct707738943l4u4egvi980
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=d2ri297262ct707738943l4u4egvi980
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash ee7d6932aa7a9f4ed19c6cafeb6dffb5
f4a3b18f9634408af6dacae22d5e47de673dbaa4
e8752efc73a35ce8da5445a20345729de3de6eefbcbcba6db95ff13a16920da0
GET /gid.js?userId=d2ri297262ct707738943l4u4egvi980 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: ID=f725b9bd438a4b5b8c3927222252beef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:55 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f725b9bd438a4b5b8c3927222252beef; expires=Mon, 04 Dec 2023 11:13:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=d2ri297262ct707738943l4u4egvi980
139.45.197.239204 No Content 0 B URL HTTP/2 cdn.uponelectabuzzor.club/9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=d2ri297262ct707738943l4u4egvi980
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=d2ri297262ct707738943l4u4egvi980 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Dec 2022 11:13:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
asianplay.pro/video/img/bg/icon.png
172.67.74.229200 OK 20 kB URL HTTP/2 asianplay.pro/video/img/bg/icon.png
IP 172.67.74.229:0
File type PNG image data, 29 x 21, 8-bit/color RGBA, non-interlaced\012- data
Hash f7073693ae0abee71dcbe6b4683d15a0
1f6ee14fc2bfe7184568aac31ef9d247b6ffbdde
43e1a200a6912f591d8e5a05adbe01193487924bda0efaa94d8cf29ecb302609
GET /video/img/bg/icon.png HTTP/1.1
Host: asianplay.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://asianplay.pro/streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: image/png
content-length: 19864
last-modified: Wed, 27 Mar 2019 09:55:49 GMT
etag: "5c9b48a5-4d98"
expires: Tue, 13 Dec 2022 03:56:01 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1840675
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDznah4zTZu4zvPCZgSlt4HHMuG1Dmu0V1JzlvKnBmaUlqhijIIznmUOJX18%2F0MI%2FIUMubo7CoGOMhZajgJqGaKqHgjkcN91LJymwdCdBHzrtu1OOrc3zV2vZMy%2F1UQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77441d950b4b0b4d-OSL
X-Firefox-Spdy: h2
asianplay.pro/ajax/user/panel
172.67.74.229404 Not Found 15 B URL HTTP/2 asianplay.pro/ajax/user/panel
IP 172.67.74.229:0
Hash 6fd1454930a4d15ece9ad1aa0c150cd4
fc6cb6915bdb63620dd8761122a0a40a6e4a2e83
1341a495d025c647ea3886eaab451e2ecae925beb78a2b471fda795128ba44ee
GET /ajax/user/panel HTTP/1.1
Host: asianplay.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://asianplay.pro/streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 04 Dec 2022 11:13:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/5.6.13
set-cookie: tvshow=gjilup0pkc5p1rgu1vvnahbub2; path=/
token=638c80f3dabcb; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxBqVD6UrQB0P0dEoqM5hAfL73ngZsMR7%2BwAsQfw0iUcC%2FwdA7cPfRNR%2BxcA%2FFeDMGgngjh4r6KuGVXnEZLZWWCpRmSsoxvFnxNpvGIxzSEbLdaLhcBhGeC64O4UUhk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d93b9d60b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=115501b526384011a4a79932491ce319
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=115501b526384011a4a79932491ce319
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash ee7d6932aa7a9f4ed19c6cafeb6dffb5
f4a3b18f9634408af6dacae22d5e47de673dbaa4
e8752efc73a35ce8da5445a20345729de3de6eefbcbcba6db95ff13a16920da0
GET /gid.js?userId=115501b526384011a4a79932491ce319 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://asianplay.pro
Connection: keep-alive
Referer: https://asianplay.pro/
Cookie: ID=f725b9bd438a4b5b8c3927222252beef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://asianplay.pro
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f725b9bd438a4b5b8c3927222252beef; expires=Mon, 04 Dec 2023 11:13:56 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
pbjs.e-planning.net/hb/1/2e112/1/www.dramacool9.co/ROS?ct=1&r=pbjs&rnd=0.5303941768591557&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F
185.172.90.251200 OK 63 B URL HTTP/2 pbjs.e-planning.net/hb/1/2e112/1/www.dramacool9.co/ROS?ct=1&r=pbjs&rnd=0.5303941768591557&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F
IP 185.172.90.251:0
ASN #49981 WorldStream B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 1402193b58742b17381267a551bcca6c
c981ca11292bb8cff8c38638345d6cd41897a6bf
2b9e601bcafa74f7d1ce6290f0cec9b116a805c7751fea529b96dd4259daf227
GET /hb/1/2e112/1/www.dramacool9.co/ROS?ct=1&r=pbjs&rnd=0.5303941768591557&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F HTTP/1.1
Host: pbjs.e-planning.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Content-Type: text/plain
Referer: https://www.dramacool9.co/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: application/json
expires: Sun, 04 Dec 2022 11:13:56 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
cache-control: max-age=0, no-cache
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-length: 63
x-sid: AMS-928
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3dbef80fd126501d1ef1f55293374279
f0609885c248d1b0f57556f768d6e32c67513428
0b294e0e34dfc616c2138c2d3c590b1552a1aedc894047748cfba9d1810ca14d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B294E0E34DFC616C2138C2D3C590B1552A1AEDC894047748CFBA9D1810CA14D"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14633
Expires: Sun, 04 Dec 2022 15:17:49 GMT
Date: Sun, 04 Dec 2022 11:13:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e9c4b5007443fb37b8756927ad097cf6
85304630b4f6944798d019d1cf05eed5806bdc49
d7fddec211abb47b16f42648e3bd1afa74089c425352edfb7e5dfae8788202da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4511
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:56 GMT
Last-Modified: Sun, 04 Dec 2022 09:58:45 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e9c4b5007443fb37b8756927ad097cf6
85304630b4f6944798d019d1cf05eed5806bdc49
d7fddec211abb47b16f42648e3bd1afa74089c425352edfb7e5dfae8788202da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4055
Cache-Control: max-age=118499
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:56 GMT
Etag: "638b9d00-118"
Expires: Mon, 05 Dec 2022 20:08:55 GMT
Last-Modified: Sat, 03 Dec 2022 19:01:20 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
goomaphy.com/500/5287605?excludes=&oaid=d2ri297262ct707738943l4u4egvi980&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 goomaphy.com/500/5287605?excludes=&oaid=d2ri297262ct707738943l4u4egvi980&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5287605?excludes=&oaid=d2ri297262ct707738943l4u4egvi980&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:56 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
asianplay.pro/streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB
172.67.74.229200 OK 0 B URL HTTP/2 asianplay.pro/streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB
IP 172.67.74.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB HTTP/1.1
Host: asianplay.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://asianplay.pro/streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/5.6.13
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAd2HRMaI%2BT6PbNUkkYeQ%2BlQxmiwUx2QqsUqnM9qMMjixb1Ijv6vUfY%2FlTUImki%2BCj9rdQ4JTNyiavg%2FGoRrQamPVzIwIJlzNk%2BaCYvsJtzXd9Uo4ihHPY%2FcX9TrKF8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d946a9f0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e9c4b5007443fb37b8756927ad097cf6
85304630b4f6944798d019d1cf05eed5806bdc49
d7fddec211abb47b16f42648e3bd1afa74089c425352edfb7e5dfae8788202da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4511
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:56 GMT
Last-Modified: Sun, 04 Dec 2022 09:58:45 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
goomaphy.com/500/5287605?excludes=&oaid=d2ri297262ct707738943l4u4egvi980&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 1.6 kB URL HTTP/2 goomaphy.com/500/5287605?excludes=&oaid=d2ri297262ct707738943l4u4egvi980&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash 5af458599f3f0cfe79eb410e098927f0
7ff5f5b601ee9700b2cfcbed16355382f8181dff
2c033503d0c5006f79a49e4bb0cecffb23a503c7dc9bc67001d19a06640d8d63
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5287605?excludes=&oaid=d2ri297262ct707738943l4u4egvi980&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: OAID=5d52d3133d0b41c9b63885e282154e6a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: application/javascript
x-trace-id: b534353bf425daeb76a7c92eaa56dbf7
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.dramacool9.co
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=d2ri297262ct707738943l4u4egvi980; expires=Mon, 04 Dec 2023 11:13:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddien.club/?rb=blR8pSbYRwFEPDCIZ4cKMPFJpgE5_xmwZPWl0vteULLpME1XxhnP77Pbha7hR_XF9sw8ku9tHesTlHbPjp6O4RLiyHjdI3kX151XBTXromcGQehloWVdQrCQklMJpYopH7pThD3OZHDmunLzRxzvA_3aNwMEy-DH9lQFiZJXXyJgPQBJbIiXYva9JuItBlGKxp3TiEI7r5Fa7UcU-kj8OcG46OtYM8gTgRLR6dUGiEtSaBT_1v7Taw%3D%3D&request_ab2=96003&zoneid=5290228&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=fc654ed3-e0aa-4688-9062-42a310eddb8d&userId=d2ri297262ct707738943l4u4egvi980&m=link
139.45.197.236200 OK 1.8 kB URL HTTP/2 cdn.itskiddien.club/?rb=blR8pSbYRwFEPDCIZ4cKMPFJpgE5_xmwZPWl0vteULLpME1XxhnP77Pbha7hR_XF9sw8ku9tHesTlHbPjp6O4RLiyHjdI3kX151XBTXromcGQehloWVdQrCQklMJpYopH7pThD3OZHDmunLzRxzvA_3aNwMEy-DH9lQFiZJXXyJgPQBJbIiXYva9JuItBlGKxp3TiEI7r5Fa7UcU-kj8OcG46OtYM8gTgRLR6dUGiEtSaBT_1v7Taw%3D%3D&request_ab2=96003&zoneid=5290228&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=fc654ed3-e0aa-4688-9062-42a310eddb8d&userId=d2ri297262ct707738943l4u4egvi980&m=link
IP 139.45.197.236:0
File type JSON data\012- , ASCII text, with very long lines (2273), with no line terminators
Hash 58bcefd1125f05cdb1f48521a9a2c697
c98533cbf925f326439fb350fb73361a8b1a72e4
4de075564e7083f730ce5cf3f5367dfa9fd4096ccdbef4ab2c3d1c1746b72001
GET /?rb=blR8pSbYRwFEPDCIZ4cKMPFJpgE5_xmwZPWl0vteULLpME1XxhnP77Pbha7hR_XF9sw8ku9tHesTlHbPjp6O4RLiyHjdI3kX151XBTXromcGQehloWVdQrCQklMJpYopH7pThD3OZHDmunLzRxzvA_3aNwMEy-DH9lQFiZJXXyJgPQBJbIiXYva9JuItBlGKxp3TiEI7r5Fa7UcU-kj8OcG46OtYM8gTgRLR6dUGiEtSaBT_1v7Taw%3D%3D&request_ab2=96003&zoneid=5290228&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=fc654ed3-e0aa-4688-9062-42a310eddb8d&userId=d2ri297262ct707738943l4u4egvi980&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Cookie: OAID=f725b9bd438a4b5b8c3927222252beef; oaidts=1670152434
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:55 GMT
content-type: application/json
x-trace-id: ca93446990fcea693438068dc902b78a
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=d2ri297262ct707738943l4u4egvi980; expires=Mon, 04 Dec 2023 11:13:55 GMT; path=/; secure; SameSite=None
oaidts=1670152435; expires=Mon, 04 Dec 2023 11:13:55 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 11 Dec 2022 11:13:55 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddien.club/apu.php?zoneid=4717013
139.45.197.236200 OK 968 B URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=4717013
IP 139.45.197.236:0
File type ASCII text, with very long lines (801)
Hash edeeba569495e64dea894464e90ec6c3
b569cf1f18915ad09d41ad68b612640cf612b949
6086ab9b2ab0d1ea6c5f72709a02493c747c31455582abba65c14dedee72723b
GET /apu.php?zoneid=4717013 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://asianplay.pro/
Cookie: OAID=d2ri297262ct707738943l4u4egvi980; oaidts=1670152435; syncedCookie=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: application/javascript
content-length: 968
x-trace-id: f45715506c5469a7bf0a1a59034b3742
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=d2ri297262ct707738943l4u4egvi980; expires=Mon, 04 Dec 2023 11:13:56 GMT; path=/; secure; SameSite=None
oaidts=1670152435; expires=Mon, 04 Dec 2023 11:13:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
pbjs.e-planning.net/pbjs/1/2e112/1/www.dramacool9.co/ROS?rnd=0.5303941768591557&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F
185.172.90.251302 Found 989 B URL HTTP/2 pbjs.e-planning.net/pbjs/1/2e112/1/www.dramacool9.co/ROS?rnd=0.5303941768591557&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F
IP 185.172.90.251:0
ASN #49981 WorldStream B.V.
Hash 50bd35282f11531fd5fbd3118aef3b29
d5f7da3351466784252047dc45d5bf52201900f2
4400af602373239e92992d8a652074ee1c88219e60961ff4c784eee6236c460a
GET /pbjs/1/2e112/1/www.dramacool9.co/ROS?rnd=0.5303941768591557&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F HTTP/1.1
Host: pbjs.e-planning.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: text/html; charset=iso-8859-1
location: /hb/1/2e112/1/www.dramacool9.co/ROS?ct=1&r=pbjs&rnd=0.5303941768591557&e=160x600_0%3A160x600%2C120x600&ur=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F
set-cookie: CT=1; path=/; SameSite=None; Secure
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-sid: AMS-928
X-Firefox-Spdy: h2
rndskittytor.com/400/4231561
139.45.197.238200 OK 32 kB URL HTTP/2 rndskittytor.com/400/4231561
IP 139.45.197.238:0
Hash fb502a9efee18e0130e791f3de055109
e6b691181318b9e9dba7955b062df6ff0c9c47c9
bde0fd141fda66a34750c88c71d8da4ccd4b51871e6387b85eb926eace78f83e
Analyzer Verdict Alert quad9 Sinkholed
GET /400/4231561 HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://asianplay.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: application/javascript
x-trace-id: 3a78c32af67f5726c9ff595cf876e2fb
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=76fa58edb0fb427c9f625ea591371649; expires=Mon, 04 Dec 2023 11:13:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
188.114.99.234304 Not Modified 0 B URL HTTP/2 script.4dex.io/localstore.js
IP 188.114.99.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 04 Dec 2022 11:13:56 GMT
cache-control: public, max-age=1800
etag: W/"922cffdd75f7192f75231d92684885aa"
last-modified: Wed, 23 Nov 2022 15:43:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 931365
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IX5%2BYWyHw7JpG97KJno9PNLCOxn01WSJjVf7SmchS%2BJYse8dzFZaItR8oZed6DgDajvfUjBnIOT2bI6TzNAtT2QbWAnpXcVzV%2Fa6t%2FzMlB1K2%2FoMIoeAOxT8%2FCZ05qA0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d974828b524-OSL
X-Firefox-Spdy: h2
b1h-euc1.zemanta.com/api/bidder/prebid/bid/
213.227.153.221204 No Content 0 B URL HTTP/1.1 b1h-euc1.zemanta.com/api/bidder/prebid/bid/
IP 213.227.153.221:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/bidder/prebid/bid/ HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 511
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 922
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: max-age=0, private, must-revalidate
date: Sun, 04 Dec 2022 11:13:56 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
pbjs.e-planning.net/pbjs/1/2e112/1/www.dramacool9.co/ROS?rnd=0.3262721431646809&e=300x250_0%3A300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F
185.172.90.251200 OK 63 B URL HTTP/2 pbjs.e-planning.net/pbjs/1/2e112/1/www.dramacool9.co/ROS?rnd=0.3262721431646809&e=300x250_0%3A300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F
IP 185.172.90.251:0
ASN #49981 WorldStream B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 5fba75fda6e891c000a3a93c1b5d43b8
a9c8857d6538a3b2119d39c202599c92b74f8102
db46f4acfbadb984528656b1eeafc627bfb86123ab0c95413c79fd1372f8632a
GET /pbjs/1/2e112/1/www.dramacool9.co/ROS?rnd=0.3262721431646809&e=300x250_0%3A300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F HTTP/1.1
Host: pbjs.e-planning.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: application/json
expires: Sun, 04 Dec 2022 11:13:56 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
cache-control: max-age=0, no-cache
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-length: 63
x-sid: AMS-928
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
188.114.99.234304 Not Modified 0 B IP 188.114.99.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 04 Dec 2022 11:13:56 GMT
x-amz-id-2: 6PeMiMauwVpaIa7ZXWsIZE4fYPuBp4wCgfDclWCkL8EsnXeWlayXOVWt7Enwf8ldl7u/ig+6zXQ=
x-amz-request-id: JCYNYTZYG1ZDMXWB
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 22 Nov 2022 09:44:15 GMT
etag: "c56b6332dacf72f135afcd153ae22448"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1041892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVvdWR0NIsbJK23IQ4QRGWZONRWNiCFg0GFk8WZEHYuMubhGYZ0B8m9h0dzcrwj5uMXSZkFy5yZTWL42CPqlBLtSZWZFX4Xj4fRggknkBrHarZeJmXYzIo23O644EUc9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d977e10b518-OSL
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.84200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4fc22ca47bc047881d6fc58356e9cc92
465850a8a819b3982662d5b24abfb803efce813f
e29f69c3da2bf6c1c8ede696cb6e8ce422f67ff839241981e8016f10cebb3dbf
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 736
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 11:13:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
AN-X-Request-Uuid: 32cc88de-a55c-470a-a4ae-066524db024f
Set-Cookie: icu=ChkI8aWIARAKGAEgASgBMPSBspwGOAFAAUgBEPSBspwGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 11:13:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5674370104002695905; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 11:13:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
platform.pubfuture.com/v1/unit/61b31c050eed05002711813a.js?v=2
54.161.122.246200 OK 8.0 kB URL HTTP/2 platform.pubfuture.com/v1/unit/61b31c050eed05002711813a.js?v=2
IP 54.161.122.246:0
File type ASCII text, with very long lines (16471)
Hash 90bb0e75c2a9914b0fca47ae740ddf2f
6b8c3a49c6e6d1e35526b33c08778216c6f2fab8
e77920be9f8e6b52f97d1d02733f44511d160d64ffd456e0e3951f84795de04d
GET /v1/unit/61b31c050eed05002711813a.js?v=2 HTTP/1.1
Host: platform.pubfuture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
cache-control: public, max-age=172800
etag: W/"a3f-askd6Yi4nG7ZKRkknAR0dIc8ND8"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN, SAMEORIGIN
X-Firefox-Spdy: h2
hb.minutemedia-prebid.com/hb-mm-multi
52.45.30.42200 OK 105 B URL HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP 52.45.30.42:0
File type JSON data\012- , ASCII text
Hash 8e066b7f684ee99b6f7ed8d191b0bf3c
47932dfecdc21939adf49718b66c9ae2630c866f
ce8920dc5f56dacd7450e1f52f7ddc5ac93b60d6244c660a4f1dad781900874a
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 940
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: application/json
content-length: 105
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.dramacool9.co
x-reason: gdpr is not applied
X-Firefox-Spdy: h2
tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&tmax=3000
3.121.20.22200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&tmax=3000
IP 3.121.20.22:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 410
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2a3e9c9270d5d1402700343b567d8e21
4348655937347ff19881acafd04b1277e017f19c
905ee9517e8597ac86e76b99b970f77a4fbb2500de30ef6efea97a4bbcea51d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:13:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 13:33:18 GMT
Expires: Fri, 09 Dec 2022 13:33:17 GMT
Etag: "4348655937347ff19881acafd04b1277e017f19c"
Cache-Control: max-age=439760,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77441d96f9a9b52d-OSL
nanouwho.com/1?z=4408721
139.45.197.242200 OK 155 kB IP 139.45.197.242:0
File type ASCII text, with very long lines (48237)
Size 155 kB (155359 bytes)
Hash bfa1dd640c9c0bb5c5a766fda4124116
240478d2d1de990485ddaf34fe9278bd2f28c2d5
4411e9e47b11a91d9d2aa61479f740e8ccc23e6b15afc179f88e522e2b83b969
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=4408721 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://asianplay.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f3e29a56fbef1a36fc14677894cb4e91
access-control-expose-headers: X-Sc
x-sc: xfkHqBk5oaOyddfGGrdSSHPC9GY2I7_jWUsmnue-d37cX3xac8ygiwotC8FvjCb8UQDXhW6QWELvv6-EdyPJnUMgKe4=
set-cookie: scm=1; expires=Mon, 04 Dec 2023 11:13:56 GMT; secure; SameSite=None
OAID=9a18d2209d634442b3b8aee42d3ee0cc; expires=Mon, 04 Dec 2023 11:13:56 GMT; secure; SameSite=None
oaidts=1670152436; expires=Mon, 04 Dec 2023 11:13:56 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=undefined
188.114.99.234200 OK 53 B URL HTTP/2 whos.amung.us/pingjs/?k=undefined
IP 188.114.99.234:0
Hash 64965d1f087494357d0d0bdd4d061ea9
a22d9a511ad84e3071f66f820d7dcb7fa7a560e9
fcd1d4e0a4f69e7594c92879bd9b86ae102d932aa878631cb8a8da21103e7fc5
GET /pingjs/?k=undefined HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://asianplay.pro
Connection: keep-alive
Referer: https://asianplay.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77441d975f4b0af6-OSL
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
37.48.68.71200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 982
Origin: https://asianplay.pro
Connection: keep-alive
Referer: https://asianplay.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 04 Dec 2022 11:13:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://asianplay.pro
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
mp.4dex.io/prebid
104.18.2.114200 OK 632 B IP 104.18.2.114:0
Hash 34e8702d2e6bd8f9fdc64ce8811e430f
19a7dfbb5a21af368033f1ce43aae644d113073c
25a8067344b4232c0ff18cb30e6bbf2151c9035316bec6123b7b2767e5052685
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1818
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77441d975fcab4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
35521d3f25.98a54df250.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDg0MDA4NjQwMTQ5OTI1MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjMiLCJ0YWdfaWQiOjIwMTQwLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjIuMzYsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IjIwMCUyQ1BvdW5kcyUyQ0JlYXV0eSUyQ0VwJTJDMSUyQyhlbmclMkNzdWIpJTJDSEQlMkNEcmFtYWNvb2wlMkNXYXRjaCUyQ2FuZCUyQ2Rvd25sb2FkJTJDMjAwJTJDUG91bmRzJTJDQmVhdXR5JTJDRXBpc29kZSUyQzElMkNmcmVlJTJDZW5nbGlzaCUyQ3N1YiUyQ2luJTJDMzYwcCUyQzcyMHAlMkMxMDgwcCUyQ0hEJTJDYXQlMkNEcmFtYWNvb2wlMkNIVE1MNSUyQ2F2YWlsYWJsZSUyQ2ZvciUyQ21vYmlsZS4lMjAifQ==
45.133.44.24200 OK 0 B URL HTTP/2 35521d3f25.98a54df250.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDg0MDA4NjQwMTQ5OTI1MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjMiLCJ0YWdfaWQiOjIwMTQwLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjIuMzYsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IjIwMCUyQ1BvdW5kcyUyQ0JlYXV0eSUyQ0VwJTJDMSUyQyhlbmclMkNzdWIpJTJDSEQlMkNEcmFtYWNvb2wlMkNXYXRjaCUyQ2FuZCUyQ2Rvd25sb2FkJTJDMjAwJTJDUG91bmRzJTJDQmVhdXR5JTJDRXBpc29kZSUyQzElMkNmcmVlJTJDZW5nbGlzaCUyQ3N1YiUyQ2luJTJDMzYwcCUyQzcyMHAlMkMxMDgwcCUyQ0hEJTJDYXQlMkNEcmFtYWNvb2wlMkNIVE1MNSUyQ2F2YWlsYWJsZSUyQ2ZvciUyQ21vYmlsZS4lMjAifQ==
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDg0MDA4NjQwMTQ5OTI1MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjMiLCJ0YWdfaWQiOjIwMTQwLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjIuMzYsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IjIwMCUyQ1BvdW5kcyUyQ0JlYXV0eSUyQ0VwJTJDMSUyQyhlbmclMkNzdWIpJTJDSEQlMkNEcmFtYWNvb2wlMkNXYXRjaCUyQ2FuZCUyQ2Rvd25sb2FkJTJDMjAwJTJDUG91bmRzJTJDQmVhdXR5JTJDRXBpc29kZSUyQzElMkNmcmVlJTJDZW5nbGlzaCUyQ3N1YiUyQ2luJTJDMzYwcCUyQzcyMHAlMkMxMDgwcCUyQ0hEJTJDYXQlMkNEcmFtYWNvb2wlMkNIVE1MNSUyQ2F2YWlsYWJsZSUyQ2ZvciUyQ21vYmlsZS4lMjAifQ== HTTP/1.1
Host: 35521d3f25.98a54df250.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:56 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=d2ri297262ct707738943l4u4egvi980
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=d2ri297262ct707738943l4u4egvi980
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash ee7d6932aa7a9f4ed19c6cafeb6dffb5
f4a3b18f9634408af6dacae22d5e47de673dbaa4
e8752efc73a35ce8da5445a20345729de3de6eefbcbcba6db95ff13a16920da0
GET /gid.js?userId=d2ri297262ct707738943l4u4egvi980 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: ID=f725b9bd438a4b5b8c3927222252beef
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f725b9bd438a4b5b8c3927222252beef; expires=Mon, 04 Dec 2023 11:13:56 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1531
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: max-age=0, private, must-revalidate
date: Sun, 04 Dec 2022 11:13:56 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
nanouwho.com/9?z=4408721&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&wy=0&wx=0&ww=1280&wh=1024&cw=729&wiw=729&wih=410&wfc=2&sah=1002&drf=https%3A%2F%2Fwww.dramacool9.co%2F&hil=1&ist=0&oaid=f725b9bd438a4b5b8c3927222252beef
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=4408721&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&wy=0&wx=0&ww=1280&wh=1024&cw=729&wiw=729&wih=410&wfc=2&sah=1002&drf=https%3A%2F%2Fwww.dramacool9.co%2F&hil=1&ist=0&oaid=f725b9bd438a4b5b8c3927222252beef
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=4408721&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&wy=0&wx=0&ww=1280&wh=1024&cw=729&wiw=729&wih=410&wfc=2&sah=1002&drf=https%3A%2F%2Fwww.dramacool9.co%2F&hil=1&ist=0&oaid=f725b9bd438a4b5b8c3927222252beef HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://asianplay.pro/
Origin: https://asianplay.pro
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Dec 2022 11:13:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://asianplay.pro
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
js.cabnnr.com/banner-admanager/build.m.js
45.133.44.25200 OK 21 kB URL HTTP/2 js.cabnnr.com/banner-admanager/build.m.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash 38fc506f01f9c55860dd4519b3b95705
5ae727f754e03c62bbfd2630cd5a799bc545ed70
fc28043c5d4fb6e8b63202d72d9bf6097b9f82be7750d0f5c8aa6676a4484645
GET /banner-admanager/build.m.js HTTP/1.1
Host: js.cabnnr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 30 Nov 2022 14:18:35 GMT
etag: W/"6387663b-d063"
content-encoding: gzip
expires: Sun, 04 Dec 2022 11:18:56 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 8b129125171aa50e40f0d0e26d1a6c4e
d1376718e6dd2b03aab6f632af2438b8ae3e49b2
96b4c4d6e7843adcee8a1cda47dc0d485752afc26d633c0e97892c6040e460fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 668
Cache-Control: max-age=86652
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:57 GMT
Etag: "638b2dd5-138"
Expires: Mon, 05 Dec 2022 11:18:09 GMT
Last-Modified: Sat, 03 Dec 2022 11:07:01 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 312
nanouwho.com/9?z=4408721&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&wy=0&wx=0&ww=1280&wh=1024&cw=729&wiw=729&wih=410&wfc=2&sah=1002&drf=https%3A%2F%2Fwww.dramacool9.co%2F&hil=1&ist=0&oaid=f725b9bd438a4b5b8c3927222252beef
139.45.197.242200 OK 7 B URL HTTP/2 nanouwho.com/9?z=4408721&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&wy=0&wx=0&ww=1280&wh=1024&cw=729&wiw=729&wih=410&wfc=2&sah=1002&drf=https%3A%2F%2Fwww.dramacool9.co%2F&hil=1&ist=0&oaid=f725b9bd438a4b5b8c3927222252beef
IP 139.45.197.242:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=4408721&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&wy=0&wx=0&ww=1280&wh=1024&cw=729&wiw=729&wih=410&wfc=2&sah=1002&drf=https%3A%2F%2Fwww.dramacool9.co%2F&hil=1&ist=0&oaid=f725b9bd438a4b5b8c3927222252beef HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 171
Origin: https://asianplay.pro
Connection: keep-alive
Referer: https://asianplay.pro/
Cookie: scm=1; OAID=9a18d2209d634442b3b8aee42d3ee0cc; oaidts=1670152436
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:57 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://asianplay.pro
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: db261255096cb8a094467ac66d8c82c3
access-control-expose-headers: X-Sc
set-cookie: OAID=f725b9bd438a4b5b8c3927222252beef; expires=Mon, 04 Dec 2023 11:13:57 GMT; secure; SameSite=None
oaidts=1670152436; expires=Mon, 04 Dec 2023 11:13:57 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ledrapti.net/?rb=y6LH-wNcg4G_14-5HSVX4srPdyQNafF3-n_MSFSRalnmD9tIdyoY-z1TqgyVxKHN1hpEZn-bysmOVjusaN_Zby6vbGvRFxEeDoQzvwHoB2w0ij1Q5OIsEMV-GRvRrKbBeWRq1P4LDg11Fyk2oHrMYAEFfWIdSeXMnKSgOpVjGr82GjD1SJ5zEw-g3DTvquGkGXIEKpvmMBlaDidrb7rk5Gs8W2k4K_omJmkMJN48ZnByC1zR&request_ab2=96003&zoneid=5256424&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=729&wih=410&wiw=729&wfc=3&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&drf=https%3A%2F%2Fwww.dramacool9.co%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.458.0&bs=5845e243-a752-4fbf-863b-e5b456c3acab&userId=f725b9bd438a4b5b8c3927222252beef&m=link
139.45.197.238200 OK 2.1 kB URL HTTP/2 ledrapti.net/?rb=y6LH-wNcg4G_14-5HSVX4srPdyQNafF3-n_MSFSRalnmD9tIdyoY-z1TqgyVxKHN1hpEZn-bysmOVjusaN_Zby6vbGvRFxEeDoQzvwHoB2w0ij1Q5OIsEMV-GRvRrKbBeWRq1P4LDg11Fyk2oHrMYAEFfWIdSeXMnKSgOpVjGr82GjD1SJ5zEw-g3DTvquGkGXIEKpvmMBlaDidrb7rk5Gs8W2k4K_omJmkMJN48ZnByC1zR&request_ab2=96003&zoneid=5256424&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=729&wih=410&wiw=729&wfc=3&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&drf=https%3A%2F%2Fwww.dramacool9.co%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.458.0&bs=5845e243-a752-4fbf-863b-e5b456c3acab&userId=f725b9bd438a4b5b8c3927222252beef&m=link
IP 139.45.197.238:0
Hash 66ec505c033e0dfbbecff6a11357ab3f
83398afb470f9b918b1214f57502bb0a5e1bc838
65c8fd9a6546c6007432378c1d448688038fd4fb97fa5e0ab1255e1dd6b91495
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=y6LH-wNcg4G_14-5HSVX4srPdyQNafF3-n_MSFSRalnmD9tIdyoY-z1TqgyVxKHN1hpEZn-bysmOVjusaN_Zby6vbGvRFxEeDoQzvwHoB2w0ij1Q5OIsEMV-GRvRrKbBeWRq1P4LDg11Fyk2oHrMYAEFfWIdSeXMnKSgOpVjGr82GjD1SJ5zEw-g3DTvquGkGXIEKpvmMBlaDidrb7rk5Gs8W2k4K_omJmkMJN48ZnByC1zR&request_ab2=96003&zoneid=5256424&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=729&wih=410&wiw=729&wfc=3&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&drf=https%3A%2F%2Fwww.dramacool9.co%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.458.0&bs=5845e243-a752-4fbf-863b-e5b456c3acab&userId=f725b9bd438a4b5b8c3927222252beef&m=link HTTP/1.1
Host: ledrapti.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://asianplay.pro
Connection: keep-alive
Referer: https://asianplay.pro/
Cookie: OAID=115501b526384011a4a79932491ce319; oaidts=1670152434
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: application/json
x-trace-id: a10dab2beed80b34ed4003a34153c1a1
access-control-allow-origin: https://asianplay.pro
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f725b9bd438a4b5b8c3927222252beef; expires=Mon, 04 Dec 2023 11:13:56 GMT; path=/; secure; SameSite=None
oaidts=1670152436; expires=Mon, 04 Dec 2023 11:13:56 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 11 Dec 2022 11:13:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ghb.adtelligent.com/v2/auction/
185.239.173.210200 OK 1.2 kB URL HTTP/1.1 ghb.adtelligent.com/v2/auction/
IP 185.239.173.210:0
File type JSON data\012- , ASCII text, with very long lines (3414), with no line terminators
Hash 53136742d475e258c1a861c99efb8dd8
51c9694b6a8d3d07d30be75e35b6a8854bc2afb6
925b7974a3a4ba5d1ad823a6e2d8381c8f8079bac7053f2a4393dc3020ac6634
POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 838
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Sun, 04 Dec 2022 11:13:56 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 1193
Access-Control-Allow-Origin: https://www.dramacool9.co
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
script.4dex.io/localstore.js
188.114.99.234304 Not Modified 0 B URL HTTP/2 script.4dex.io/localstore.js
IP 188.114.99.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 04 Dec 2022 11:13:57 GMT
cache-control: public, max-age=1800
etag: W/"922cffdd75f7192f75231d92684885aa"
last-modified: Wed, 23 Nov 2022 15:43:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 931366
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FbpNcCptYSm0VTPIV%2BgWtrj4g62Pp2AXTeF%2FCjYSfhsTO2zBRLNVfNYRf0hTkgg5VTyll7IVM6kms0l%2FY4nDDMUoeVFUo3YGutzRBrqb%2FDgiym%2FmnF0rBQdNLFQWRGT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d9bee8fb524-OSL
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.16.0&cb=84622983453&lsavail=1
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.16.0&cb=84622983453&lsavail=1
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.16.0&cb=84622983453&lsavail=1 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1324
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:56 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://www.dramacool9.co
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
offerimage.com/www/images/766f2bff7b1b0b942e9c707491f9d867.jpeg
172.67.22.216200 OK 9.0 kB URL HTTP/2 offerimage.com/www/images/766f2bff7b1b0b942e9c707491f9d867.jpeg
IP 172.67.22.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 766f2bff7b1b0b942e9c707491f9d867
1cf5b1cbdf1f80b2d4adc44446d6f403b7c56b8a
bb0c41433a0cc421110da9d8d448cc83321c73a64772f14aecbec11e1bfc2a26
GET /www/images/766f2bff7b1b0b942e9c707491f9d867.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:57 GMT
content-type: image/jpeg
content-length: 8995
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62d22dde-2323"
expires: Sun, 04 Dec 2022 22:31:33 GMT
last-modified: Sat, 16 Jul 2022 03:17:50 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 45744
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77441d9bfb4efac0-OSL
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1067
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: max-age=0, private, must-revalidate
date: Sun, 04 Dec 2022 11:13:57 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ssl.p.jwpcdn.com/player/v/8.23.1/jwpsrv.js
151.101.130.114200 OK 19 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.23.1/jwpsrv.js
IP 151.101.130.114:0
File type ASCII text, with very long lines (63039)
Hash 47c80e5e949f9c51cea9f3f4eb3411c8
ea848020d7f54579af52ebd5e5f6922b98cc2512
6455d2bb063d9fde3276b77cb3e6e886c9b2a87dfc1bf16365d0cd3e8c1d131d
GET /player/v/8.23.1/jwpsrv.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://asianplay.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=900, immutable
last-modified: Tue, 02 Aug 2022 22:52:18 GMT
etag: "662d21d9cc48caa9758882be57e10e92"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 11:13:57 GMT
via: 1.1 varnish
age: 613
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 22
x-timer: S1670152437.095781,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 18857
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.84200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b35cd43ce2bcdf31d38447ec5dcc5adf
830c3ac5d2ac5a92680aa587154362b40bfb93cb
da8f05f0de543fbcf1fb3f0eb663ad51645b90ec490066746c4a423ba6045a98
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 617
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 11:13:57 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
AN-X-Request-Uuid: 570d90f1-9402-4ae4-a7da-e44a8ad666b8
Set-Cookie: icu=ChkI8aWIARAKGAEgASgBMPWBspwGOAFAAUgBEPWBspwGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 11:13:57 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=1874810660174660755; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 11:13:57 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
script.4dex.io/adagio.js
188.114.99.234304 Not Modified 0 B IP 188.114.99.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 04 Dec 2022 11:13:57 GMT
x-amz-id-2: 6PeMiMauwVpaIa7ZXWsIZE4fYPuBp4wCgfDclWCkL8EsnXeWlayXOVWt7Enwf8ldl7u/ig+6zXQ=
x-amz-request-id: JCYNYTZYG1ZDMXWB
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 22 Nov 2022 09:44:15 GMT
etag: "c56b6332dacf72f135afcd153ae22448"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1041893
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxnPnzYGa3s%2Bgd2ByX9wYK0AgCw%2B1L0YnEX91jSqzo9mZapZ4PUvPhvx4Yat8qLKsPlhRywiVFsxppL%2BmIUvg%2FfMzGns%2BgzSRSysdFEiasu%2FXF5Wd7CXsm5jRk4v5cX7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d9c1b54b518-OSL
X-Firefox-Spdy: h2
rndskittytor.com/500/4231561?excludes=&oaid=f725b9bd438a4b5b8c3927222252beef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=729&wiw=729&wih=410&wfc=5&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&drf=https%3A%2F%2Fwww.dramacool9.co%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
139.45.197.238200 OK 0 B URL HTTP/2 rndskittytor.com/500/4231561?excludes=&oaid=f725b9bd438a4b5b8c3927222252beef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=729&wiw=729&wih=410&wfc=5&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&drf=https%3A%2F%2Fwww.dramacool9.co%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/4231561?excludes=&oaid=f725b9bd438a4b5b8c3927222252beef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=729&wiw=729&wih=410&wfc=5&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&drf=https%3A%2F%2Fwww.dramacool9.co%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://asianplay.pro/
Origin: https://asianplay.pro
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:57 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://asianplay.pro
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ssl.p.jwpcdn.com/player/v/8.23.1/jwplayer.core.controls.js
151.101.130.114200 OK 80 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.23.1/jwplayer.core.controls.js
IP 151.101.130.114:0
File type Unicode text, UTF-8 text, with very long lines (65135)
Hash 59ab2a78797b62adbbeb4a2c0271b448
b06656b6b8b8b2449b091dc672c5677d0d5e2cfb
17befba5de3e05738b1f04ce7fe52e4e1664ad0e8cdea6c1e77e1c8b85f42c5a
GET /player/v/8.23.1/jwplayer.core.controls.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://asianplay.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Fri, 08 Oct 2021 21:48:22 GMT
etag: "168485c84f61f3dce164a7df3f4e091a"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 11:13:57 GMT
via: 1.1 varnish
age: 22674889
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 775
x-timer: S1670152437.103471,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 79802
X-Firefox-Spdy: h2
hb.minutemedia-prebid.com/hb-mm-multi
52.45.30.42200 OK 105 B URL HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP 52.45.30.42:0
File type JSON data\012- , ASCII text
Hash 44ea4ac50f562b7d4272cb10638a0d9e
d9609a56698eea93d850ff3f2f1c25854c5e62c8
0370aa4a9e9db362c90ed6f122727d545341d55e83fbd601098fb91dc7fa5d45
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 940
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:57 GMT
content-type: application/json
content-length: 105
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.dramacool9.co
x-reason: gdpr is not applied
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 92464220e27c2ad896e9e146d126c874
fed2f080d6c64a88ce0dc536e739878efbfa5c0a
a0dd715e70b1feaa45841ba05bff7713c6af00d876b653f20f57a6e04945faa2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:13:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 07:45:25 GMT
Expires: Sat, 10 Dec 2022 07:45:24 GMT
Etag: "fed2f080d6c64a88ce0dc536e739878efbfa5c0a"
Cache-Control: max-age=505286,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77441d9b4bd5fac4-OSL
script.4dex.io/localstore.js
188.114.99.234304 Not Modified 0 B URL HTTP/2 script.4dex.io/localstore.js
IP 188.114.99.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 04 Dec 2022 11:13:57 GMT
cache-control: public, max-age=1800
etag: W/"922cffdd75f7192f75231d92684885aa"
last-modified: Wed, 23 Nov 2022 15:43:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 931366
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8tPIZfdDunaXf74Z9Kfh3D%2BjjNCBc1V2B1SLqfSqdRypwu12ptUnKJnYoZ9OsiUQ1RSqkgVF50VWFi3U19BgTu3DB0PrMUTD%2BC%2F6eOE4jjFKQNoRGnQ9NnjPVl%2Ft6ql"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d9d1ff0b524-OSL
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 922
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: max-age=0, private, must-revalidate
date: Sun, 04 Dec 2022 11:13:56 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
pbjs.e-planning.net/pbjs/1/2e112/1/www.dramacool9.co/ROS?rnd=0.5732030645270966&e=300x250_0%3A300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F
185.172.90.251200 OK 63 B URL HTTP/2 pbjs.e-planning.net/pbjs/1/2e112/1/www.dramacool9.co/ROS?rnd=0.5732030645270966&e=300x250_0%3A300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F
IP 185.172.90.251:0
ASN #49981 WorldStream B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 5fba75fda6e891c000a3a93c1b5d43b8
a9c8857d6538a3b2119d39c202599c92b74f8102
db46f4acfbadb984528656b1eeafc627bfb86123ab0c95413c79fd1372f8632a
GET /pbjs/1/2e112/1/www.dramacool9.co/ROS?rnd=0.5732030645270966&e=300x250_0%3A300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F HTTP/1.1
Host: pbjs.e-planning.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 04 Dec 2022 11:13:57 GMT
content-type: application/json
expires: Sun, 04 Dec 2022 11:13:57 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
cache-control: max-age=0, no-cache
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-length: 63
x-sid: AMS-928
X-Firefox-Spdy: h2
b1h-euc1.zemanta.com/api/bidder/prebid/bid/
213.227.153.221204 No Content 0 B URL HTTP/1.1 b1h-euc1.zemanta.com/api/bidder/prebid/bid/
IP 213.227.153.221:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/bidder/prebid/bid/ HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 511
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
goomaphy.com/impression/YpuD_-rhuk5cjYPGyevtu2VSIG5PEuDAW15g_KKqatJXgnn269DgYFTxuMFFoVxEHCmrYlSJ967Po2bEsTVtO8zvlaSD803kNgAFlNSGFI7Fnc7jcQ7GI1p08WP7b8JAUX4K4C2JXDWe8oW6WlUsekkN5biJXvlAzWcwcB_FId2-ieN76nAi8Zt_8J8e7xAiSJR_3EQfk2QjoR5-JhqIqO3FwnfwShPAmc3tYpZ_vqTBQ4a93blpoK_DQAF0nMwNkyYi-ta4RP3SQBmJKKcIxPCg04IBEmujDSMqfOJzniCunp7wkz7SIu02YocqdCB42VJEiWMtwYHyugZyEIsJ6tPWHLtnwqUXuzoDdmSoXZwugGL-p3ITdxKNSrRGTnfffB2DdXILelkqMIOmLMvk5tDDHi1Dmf4gyWR2TOv0PmVrN-awYq5t8wTMIufs39wzOu2CAVlIUDzRnl4DVl5yWxvO0j7Zt-Ai5GQCUok1Z0oPQs7kriYVYGARToc0jniwo9BCtmAjlTN9wCksib9Sg1BpX3Zp0YFzqOwnC0h1zkAdmgEXd7mA76hLlUSXuOWXKlL0t7i0N0fuGQWf4bhmyCo0cLprxeawaDatlA==?_z=5287605&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 goomaphy.com/impression/YpuD_-rhuk5cjYPGyevtu2VSIG5PEuDAW15g_KKqatJXgnn269DgYFTxuMFFoVxEHCmrYlSJ967Po2bEsTVtO8zvlaSD803kNgAFlNSGFI7Fnc7jcQ7GI1p08WP7b8JAUX4K4C2JXDWe8oW6WlUsekkN5biJXvlAzWcwcB_FId2-ieN76nAi8Zt_8J8e7xAiSJR_3EQfk2QjoR5-JhqIqO3FwnfwShPAmc3tYpZ_vqTBQ4a93blpoK_DQAF0nMwNkyYi-ta4RP3SQBmJKKcIxPCg04IBEmujDSMqfOJzniCunp7wkz7SIu02YocqdCB42VJEiWMtwYHyugZyEIsJ6tPWHLtnwqUXuzoDdmSoXZwugGL-p3ITdxKNSrRGTnfffB2DdXILelkqMIOmLMvk5tDDHi1Dmf4gyWR2TOv0PmVrN-awYq5t8wTMIufs39wzOu2CAVlIUDzRnl4DVl5yWxvO0j7Zt-Ai5GQCUok1Z0oPQs7kriYVYGARToc0jniwo9BCtmAjlTN9wCksib9Sg1BpX3Zp0YFzqOwnC0h1zkAdmgEXd7mA76hLlUSXuOWXKlL0t7i0N0fuGQWf4bhmyCo0cLprxeawaDatlA==?_z=5287605&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/YpuD_-rhuk5cjYPGyevtu2VSIG5PEuDAW15g_KKqatJXgnn269DgYFTxuMFFoVxEHCmrYlSJ967Po2bEsTVtO8zvlaSD803kNgAFlNSGFI7Fnc7jcQ7GI1p08WP7b8JAUX4K4C2JXDWe8oW6WlUsekkN5biJXvlAzWcwcB_FId2-ieN76nAi8Zt_8J8e7xAiSJR_3EQfk2QjoR5-JhqIqO3FwnfwShPAmc3tYpZ_vqTBQ4a93blpoK_DQAF0nMwNkyYi-ta4RP3SQBmJKKcIxPCg04IBEmujDSMqfOJzniCunp7wkz7SIu02YocqdCB42VJEiWMtwYHyugZyEIsJ6tPWHLtnwqUXuzoDdmSoXZwugGL-p3ITdxKNSrRGTnfffB2DdXILelkqMIOmLMvk5tDDHi1Dmf4gyWR2TOv0PmVrN-awYq5t8wTMIufs39wzOu2CAVlIUDzRnl4DVl5yWxvO0j7Zt-Ai5GQCUok1Z0oPQs7kriYVYGARToc0jniwo9BCtmAjlTN9wCksib9Sg1BpX3Zp0YFzqOwnC0h1zkAdmgEXd7mA76hLlUSXuOWXKlL0t7i0N0fuGQWf4bhmyCo0cLprxeawaDatlA==?_z=5287605&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: OAID=d2ri297262ct707738943l4u4egvi980
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:57 GMT
content-type: image/gif
content-length: 43
x-trace-id: 5eab71e52d0bec2a888ca313b4e40a49
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.84200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0d672df1fc33a67de3425e10f313f99c
cfb96c7f15f7b4a9ede588b3194b85d5aee35d44
2b658488fce9d2577509f45a5aa17fd826fc78a80d7b2725238dc94920936756
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 736
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 11:13:57 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
AN-X-Request-Uuid: 5a4a34c7-5da0-4dd5-88a1-d8e1bc4affc5
Set-Cookie: icu=ChkI8aWIARAKGAEgASgBMPWBspwGOAFAAUgBEPWBspwGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 11:13:57 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=4228328218048754513; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 11:13:57 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
172.67.22.216200 OK 43 kB URL HTTP/2 offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
IP 172.67.22.216:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e27e78d3b01907b714b7d939d7eed85d
2d4aa0d84925e5031861258c341788450ba8b43c
37024bac32f0cc3299c2492471b40e6beb2fd7b3cb73b172d68207e87cdfd6e6
GET /www/images/e27e78d3b01907b714b7d939d7eed85d.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://asianplay.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:57 GMT
content-type: image/png
content-length: 43157
last-modified: Thu, 10 Dec 2020 15:48:31 GMT
etag: "5fd2434f-a895"
expires: Sun, 04 Dec 2022 16:38:45 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 66912
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77441d9d6c3cfac0-OSL
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114200 OK 119 B IP 104.18.2.114:0
File type JSON data\012- , ASCII text
Hash 1cd774e263e6ff83bb8878bb1213fad5
7c805c587d89fc2c3dfadac077975636f1c2deb2
52fd1a0c506a3b41b8232a620e3592c30554b9660f2bffd80f341a499d921a6b
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1880
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:57 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77441d9d1818b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
hb.minutemedia-prebid.com/hb-mm-multi
52.45.30.42200 OK 105 B URL HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP 52.45.30.42:0
File type JSON data\012- , ASCII text
Hash 9971348f2bfcacf444fdcd92f21c1a6a
812790a512bcca7c6436930a42d84a608e0a2875
a63dc32bbd8d8110c9b868cf0d7d14515dc391828ad6b2e25a518727d3ff1c3a
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 942
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:57 GMT
content-type: application/json
content-length: 105
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.dramacool9.co
x-reason: gdpr is not applied
X-Firefox-Spdy: h2
tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&tmax=3000
3.121.20.22200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&tmax=3000
IP 3.121.20.22:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 410
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:57 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
X-Firefox-Spdy: h2
tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=0gaQ8a3V%2DKglRycTHtgnF5JFy4rMOQiky1x6rkzaweMBK9b7b0mBSb7OI4zpI3%2DKYbpXJ2Z5Kcs4FcAdse7k6Mbzh0IDesMyETFoItqNF7VRLqEOUkVLA6ktIBxJYOfF1bx7N0lJDAh%5FCq9k2CzNTfUOapKsVB2VV0KlzJGpUjQiug%5Fkcf%2Dnw37lqxhI150%5F320%5FNpeoByHLBiw06OgTEFTNQv8sd6Fb7EnlFmE5yBW9%2De0BZ4JUAZiHph8ds%5FvQ0SSfjib5TwJJ8%2DlnV7XgRH%5FtwdxoZk6Zt7aZYK%5F53jrYuAV8ol2lATo8wLryZJb37%5F2yvEZawx0awJRuc62KDRCRHq4IqyImxHGbmh%5FBkiE8xXLGGcUrl3z4QlBFKWlCl0H86wq9VI8oopx7gB7D7XR1VhGH8OWx6R3zSi8VubboXKo%2Dgx6Ka5o2Mn1hdB%5F9t80&size=970x90&wp=0%2E02&bd=OBT&d=1
154.51.131.141200 OK 145 B URL HTTP/2 tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=0gaQ8a3V%2DKglRycTHtgnF5JFy4rMOQiky1x6rkzaweMBK9b7b0mBSb7OI4zpI3%2DKYbpXJ2Z5Kcs4FcAdse7k6Mbzh0IDesMyETFoItqNF7VRLqEOUkVLA6ktIBxJYOfF1bx7N0lJDAh%5FCq9k2CzNTfUOapKsVB2VV0KlzJGpUjQiug%5Fkcf%2Dnw37lqxhI150%5F320%5FNpeoByHLBiw06OgTEFTNQv8sd6Fb7EnlFmE5yBW9%2De0BZ4JUAZiHph8ds%5FvQ0SSfjib5TwJJ8%2DlnV7XgRH%5FtwdxoZk6Zt7aZYK%5F53jrYuAV8ol2lATo8wLryZJb37%5F2yvEZawx0awJRuc62KDRCRHq4IqyImxHGbmh%5FBkiE8xXLGGcUrl3z4QlBFKWlCl0H86wq9VI8oopx7gB7D7XR1VhGH8OWx6R3zSi8VubboXKo%2Dgx6Ka5o2Mn1hdB%5F9t80&size=970x90&wp=0%2E02&bd=OBT&d=1
IP 154.51.131.141:0
File type ASCII text, with no line terminators
Hash 7ed96945d942f7b2b6e8e42cdb5d8652
57bc32892c212b7aef47825c70af1e504b0b697b
b77d72cd756d30cb7838af0700cf1e6854df46596bb08c3ed2b60aa49db084a5
GET /rtb/?pname=hb_result_v3&impdata=0gaQ8a3V%2DKglRycTHtgnF5JFy4rMOQiky1x6rkzaweMBK9b7b0mBSb7OI4zpI3%2DKYbpXJ2Z5Kcs4FcAdse7k6Mbzh0IDesMyETFoItqNF7VRLqEOUkVLA6ktIBxJYOfF1bx7N0lJDAh%5FCq9k2CzNTfUOapKsVB2VV0KlzJGpUjQiug%5Fkcf%2Dnw37lqxhI150%5F320%5FNpeoByHLBiw06OgTEFTNQv8sd6Fb7EnlFmE5yBW9%2De0BZ4JUAZiHph8ds%5FvQ0SSfjib5TwJJ8%2DlnV7XgRH%5FtwdxoZk6Zt7aZYK%5F53jrYuAV8ol2lATo8wLryZJb37%5F2yvEZawx0awJRuc62KDRCRHq4IqyImxHGbmh%5FBkiE8xXLGGcUrl3z4QlBFKWlCl0H86wq9VI8oopx7gB7D7XR1VhGH8OWx6R3zSi8VubboXKo%2Dgx6Ka5o2Mn1hdB%5F9t80&size=970x90&wp=0%2E02&bd=OBT&d=1 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: 7thMile=7c02e841%2D1079%2D45b9%2Db5e5%2D1da010a4e12d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
srg-x: x-.174
x-powered-by: ARR/3.0
date: Sun, 04 Dec 2022 11:13:57 GMT
content-length: 145
X-Firefox-Spdy: h2
widgets.outbrain.com/outbrain.js
2.18.173.74200 OK 76 kB URL HTTP/2 widgets.outbrain.com/outbrain.js
IP 2.18.173.74:0
File type ASCII text, with very long lines (1595)
Hash d78e5cd9e7f8559749a38ac301eb151a
a849568fdf4e78164e52fafbd69055ad9c93bb38
badf4703d5685e3a7ce5940f6014f445db5b1926fd4e6c8277d243b0b9d2abb7
GET /outbrain.js HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
x-traceid: 3961facae9d4632097ab9c847f08de52
cache-control: max-age=14400
last-modified: Sun, 04 Dec 2022 07:16:45 GMT
etag: "16-M/G2JLYglxIk5wBZQTUoPXRQjc8"
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 04 Dec 2022 11:13:57 GMT
content-length: 75951
edge-cache-tag: widget-cheetah
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=3&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[160,600],[120,600]]&slotid=e01834ec-1707-4ce6-9397-5c6d79aa5cc2&demand=unifiedPb&ts=1670152434666
18.205.250.251200 OK 1.3 kB URL HTTP/2 api.purpleads.io/x/b/?idx=3&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[160,600],[120,600]]&slotid=e01834ec-1707-4ce6-9397-5c6d79aa5cc2&demand=unifiedPb&ts=1670152434666
IP 18.205.250.251:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2522), with no line terminators
Hash fef50eacecbe5bc454d16db8f9250ed6
b4bc57993a9661fc1afa33e4b11c726f9d860271
fbcc2c870a8c77984907a88b1a9ff2f2a3a174f2e1d3b542f714603c958c667d
GET /x/b/?idx=3&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[160,600],[120,600]]&slotid=e01834ec-1707-4ce6-9397-5c6d79aa5cc2&demand=unifiedPb&ts=1670152434666 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.2.13
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8yMDAtcG91bmRzLWJlYXV0eS1lcGlzb2RlLTEv
Authorization: Bearer b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:57 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: 9b402dfb-37d6-41f7-a169-3f624a3bcc6f
etag: W/"9be-j3dqwnmb2OMkknoJwXxsjwEESj8"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
tcheck.outbrainimg.com/tcheck/check/d3d3LmRyYW1hY29vbDkuY28=
2.18.173.172200 OK 16 B URL HTTP/1.1 tcheck.outbrainimg.com/tcheck/check/d3d3LmRyYW1hY29vbDkuY28=
IP 2.18.173.172:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ce08a60aa308225db15c98edf4ae2447
bacf25489bad0312aa2f37fc735fa7e57b2d7306
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
GET /tcheck/check/d3d3LmRyYW1hY29vbDkuY28= HTTP/1.1
Host: tcheck.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 16
X-TraceId: a5c769ba2efffdc5bdebe5e7e4d3c660
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Cache-Control: max-age=12587
Expires: Sun, 04 Dec 2022 14:43:44 GMT
Date: Sun, 04 Dec 2022 11:13:57 GMT
Connection: keep-alive
Access-Control-Max-Age: 43200
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
images.outbrainimg.com/transform/v3/eyJpdSI6IjY3MmVmNzdjOTY0ZDMzNmVhNDhkMThiYjlhOTI2NjZkNDJmNzc4Mzc1NTVhZjczZWQ3MDRkZWRiMGE1ZGU3Y2MiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6MH0.jpg
2.18.173.172200 OK 41 kB URL HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6IjY3MmVmNzdjOTY0ZDMzNmVhNDhkMThiYjlhOTI2NjZkNDJmNzc4Mzc1NTVhZjczZWQ3MDRkZWRiMGE1ZGU3Y2MiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6MH0.jpg
IP 2.18.173.172:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 84cc10a313a3bf5fbc52faec9ddc9d39
e92912d06740a7ed116b2d0994c5104f7cfff3b2
d3c050117f268806c710a96746f955cbf36a447150b60f6909d669a3a3ab99ac
GET /transform/v3/eyJpdSI6IjY3MmVmNzdjOTY0ZDMzNmVhNDhkMThiYjlhOTI2NjZkNDJmNzc4Mzc1NTVhZjczZWQ3MDRkZWRiMGE1ZGU3Y2MiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6MH0.jpg HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 40890
last-modified: Thu, 27 Oct 2022 16:08:27 GMT
x-traceid: 16db6b8ff283301ef559286aecfc1e39
cache-control: max-age=2146153
date: Sun, 04 Dec 2022 11:13:57 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
api.purpleads.io/x/v/?demand=unifiedPb&ts=1670152435007
18.205.250.251200 OK 0 B URL HTTP/2 api.purpleads.io/x/v/?demand=unifiedPb&ts=1670152435007
IP 18.205.250.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/v/?demand=unifiedPb&ts=1670152435007 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:57 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: d778f258-cfb9-43fe-b24c-ba71b40e174c
X-Firefox-Spdy: h2
widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
2.18.173.74200 OK 43 B URL HTTP/2 widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
IP 2.18.173.74:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /widget/detect/px.gif?ch=1 HTTP/1.1
Host: widget-pixels.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 43
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
cache-control: max-age=2592000
expires: Tue, 03 Jan 2023 11:13:57 GMT
date: Sun, 04 Dec 2022 11:13:57 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.purpleads.io/x/a/b3d966e71140172c4b4f62055089a8af:c75b1ed712add31aed37e871a657ea04a6fc88a41de64a161c2775f05dc1b9a65907f9cfdb9175186ffc3e8bb8efd677db32484e6dfc763f396748a302a00eaae1d831ba45778cea45c69918dabe878487b7576b1ecf98d1bd4042c22710e6b7a05b7874da6e82f437f4d8c5a225667f8eeed53c6cd464cddd31e6a3452a55b989b6ef3bf1faee03037da53586770191/i?id=9b402dfb-37d6-41f7-a169-3f624a3bcc6f
18.205.250.251204 No Content 0 B URL HTTP/2 api.purpleads.io/x/a/b3d966e71140172c4b4f62055089a8af:c75b1ed712add31aed37e871a657ea04a6fc88a41de64a161c2775f05dc1b9a65907f9cfdb9175186ffc3e8bb8efd677db32484e6dfc763f396748a302a00eaae1d831ba45778cea45c69918dabe878487b7576b1ecf98d1bd4042c22710e6b7a05b7874da6e82f437f4d8c5a225667f8eeed53c6cd464cddd31e6a3452a55b989b6ef3bf1faee03037da53586770191/i?id=9b402dfb-37d6-41f7-a169-3f624a3bcc6f
IP 18.205.250.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/a/b3d966e71140172c4b4f62055089a8af:c75b1ed712add31aed37e871a657ea04a6fc88a41de64a161c2775f05dc1b9a65907f9cfdb9175186ffc3e8bb8efd677db32484e6dfc763f396748a302a00eaae1d831ba45778cea45c69918dabe878487b7576b1ecf98d1bd4042c22710e6b7a05b7874da6e82f437f4d8c5a225667f8eeed53c6cd464cddd31e6a3452a55b989b6ef3bf1faee03037da53586770191/i?id=9b402dfb-37d6-41f7-a169-3f624a3bcc6f HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 11:13:57 GMT
access-control-allow-origin: api.purpleads.io
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: 4771dd67-b529-45d2-a462-985b4d7c475f
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
images.outbrainimg.com/transform/v3/eyJpdSI6ImQ0MGI5ZGJmNGZkODgwNjNjNjBhMWUxNTVlMjNkMjQxMmEwNzM0M2JmMTE4MGYzODNlYzUwMmUzODlhYzYyZDkiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6MH0.jpg
2.18.173.172200 OK 45 kB URL HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6ImQ0MGI5ZGJmNGZkODgwNjNjNjBhMWUxNTVlMjNkMjQxMmEwNzM0M2JmMTE4MGYzODNlYzUwMmUzODlhYzYyZDkiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6MH0.jpg
IP 2.18.173.172:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 02fe1a462f432b7d49256416f3362779
1e1db623a613381e35a3bdf23a2d086de510c328
c59720c999702a0d72fe1ee21fad94d89e1fe084fa2486f6fadb8a8406ab84b8
GET /transform/v3/eyJpdSI6ImQ0MGI5ZGJmNGZkODgwNjNjNjBhMWUxNTVlMjNkMjQxMmEwNzM0M2JmMTE4MGYzODNlYzUwMmUzODlhYzYyZDkiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6MH0.jpg HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 44710
last-modified: Fri, 11 Nov 2022 22:22:58 GMT
x-traceid: 2aaf02a643ab9762c24d2da2ab70797c
cache-control: max-age=1722789
date: Sun, 04 Dec 2022 11:13:57 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 315582
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 315603
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb3a987e0fd3286232cc3bc37f80b97c
d88b9a9f232d9281f2a0300e9dc5cedc6373e506
0805b1afba517be3b48369a7808df72753fde51e452df0aed5ecd07582a06d7e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5949
Cache-Control: max-age=148424
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:57 GMT
Etag: "638c0a80-1d7"
Expires: Tue, 06 Dec 2022 04:27:41 GMT
Last-Modified: Sun, 04 Dec 2022 02:48:32 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb3a987e0fd3286232cc3bc37f80b97c
d88b9a9f232d9281f2a0300e9dc5cedc6373e506
0805b1afba517be3b48369a7808df72753fde51e452df0aed5ecd07582a06d7e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5964
Cache-Control: max-age=148439
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:57 GMT
Etag: "638c0a80-1d7"
Expires: Tue, 06 Dec 2022 04:27:56 GMT
Last-Modified: Sun, 04 Dec 2022 02:48:32 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
api.purpleads.io/x/b/?idx=3&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[160,600],[120,600]]&slotid=e01834ec-1707-4ce6-9397-5c6d79aa5cc2&demand=unifiedPb&ts=1670152434666
18.205.250.251200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=3&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[160,600],[120,600]]&slotid=e01834ec-1707-4ce6-9397-5c6d79aa5cc2&demand=unifiedPb&ts=1670152434666
IP 18.205.250.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/b/?idx=3&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[160,600],[120,600]]&slotid=e01834ec-1707-4ce6-9397-5c6d79aa5cc2&demand=unifiedPb&ts=1670152434666 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:57 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 11a5be5e-4a26-400e-b4ef-deb078db5c9a
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131447009-1&cid=710564996.1670152434&jid=1841125073&gjid=1399567669&_gid=960051303.1670152434&_u=YEBAAUAAAAAAACAAI~&z=209418837
108.177.14.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131447009-1&cid=710564996.1670152434&jid=1841125073&gjid=1399567669&_gid=960051303.1670152434&_u=YEBAAUAAAAAAACAAI~&z=209418837
IP 108.177.14.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131447009-1&cid=710564996.1670152434&jid=1841125073&gjid=1399567669&_gid=960051303.1670152434&_u=YEBAAUAAAAAAACAAI~&z=209418837 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.dramacool9.co
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Dec 2022 11:13:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.purpleads.io/x/b/?idx=4&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=35ce4944-091e-47ae-82ae-0dba070d1c41&demand=unifiedPb&ts=1670152434667
18.205.250.251200 OK 4 B URL HTTP/2 api.purpleads.io/x/b/?idx=4&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=35ce4944-091e-47ae-82ae-0dba070d1c41&demand=unifiedPb&ts=1670152434667
IP 18.205.250.251:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
OPTIONS /x/b/?idx=4&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=35ce4944-091e-47ae-82ae-0dba070d1c41&demand=unifiedPb&ts=1670152434667 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:57 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 44162258-7527-4e11-8bec-8783486b8a0d
X-Firefox-Spdy: h2
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d2e36c218cefa30e049e8ab3111f542d&pvId=d2e36c218cefa30e049e8ab3111f542d&sid=9598473&pid=45718&idx=3&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
70.42.32.95200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d2e36c218cefa30e049e8ab3111f542d&pvId=d2e36c218cefa30e049e8ab3111f542d&sid=9598473&pid=45718&idx=3&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
IP 70.42.32.95:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/widgetGlobalEvent?rId=d2e36c218cefa30e049e8ab3111f542d&pvId=d2e36c218cefa30e049e8ab3111f542d&sid=9598473&pid=45718&idx=3&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:13:58 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 7bba79af7285a7aa607c89ed52def46c
odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&idx=0&rand=55039&key=H12ME1OGI4M4PLMMGPJ01MHAC&widgetJSId=AR_2&va=true&et=true&format=html&rtbEnabled=true&adblck=false&abwl=false&extid=1612402&pubImpId=5698b858bd22588&px=0&py=0&vpd=0&cnsntv2=CPjfQl5PjfQl5BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=970&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000971&sig=ITg2z3FW&apv=false&false&osLang=en-US&winW=970&winH=90&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&ogn=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F
151.101.246.132200 OK 14 kB URL HTTP/2 odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&idx=0&rand=55039&key=H12ME1OGI4M4PLMMGPJ01MHAC&widgetJSId=AR_2&va=true&et=true&format=html&rtbEnabled=true&adblck=false&abwl=false&extid=1612402&pubImpId=5698b858bd22588&px=0&py=0&vpd=0&cnsntv2=CPjfQl5PjfQl5BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=970&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000971&sig=ITg2z3FW&apv=false&false&osLang=en-US&winW=970&winH=90&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&ogn=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F
IP 151.101.246.132:0
File type Unicode text, UTF-8 text, with very long lines (51832), with no line terminators
Hash a90d3ffcefbb2e619c050a04156be2ba
eb5b97e78c17378d342631c34900e2af2345568e
63cae86bd9549ccedfa2e2166edb02febcb0df9bbdcf8bc70fa73ba272b081f5
GET /utils/platforms?contentUrl=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&idx=0&rand=55039&key=H12ME1OGI4M4PLMMGPJ01MHAC&widgetJSId=AR_2&va=true&et=true&format=html&rtbEnabled=true&adblck=false&abwl=false&extid=1612402&pubImpId=5698b858bd22588&px=0&py=0&vpd=0&cnsntv2=CPjfQl5PjfQl5BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=970&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000971&sig=ITg2z3FW&apv=false&false&osLang=en-US&winW=970&winH=90&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&ogn=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F HTTP/1.1
Host: odb.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
pragma: no-cache
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
set-cookie: obsessionid-p178258=c8fe4cea-ef1f-935f-0000-0184dcd7c0fa|0|1; Max-Age=1800; Expires=Sun, 04 Dec 2022 11:43:58 GMT; Path=/; Domain=outbrain.com
recs_707e150f6b5a9f014b62cca021aeec57=0B4844490536A4392567789ACD1; Max-Age=60; Expires=Sun, 04 Dec 2022 11:14:58 GMT; Path=/; Domain=outbrain.com
obuid=23cf2aba-8802-4eff-827f-8df1f605ea08; Max-Age=7776000; Expires=Sat, 04 Mar 2023 11:13:58 GMT; Path=/; Domain=outbrain.com
x-traceid: 234ec8e55d03eaefb3a4d26a87152818
content-encoding: gzip
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 04 Dec 2022 11:13:58 GMT
x-served-by: cache-lga21935-LGA, cache-hel1410032-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1670152438.957316,VS0,VE217
vary: Accept-Encoding, User-Agent
traffic-path: NYDC1, LGA, HEL, Europe1
content-length: 13912
X-Firefox-Spdy: h2
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d82e0d4758b55d66af6797fd01c42b27&pvId=d82e0d4758b55d66af6797fd01c42b27&sid=9598473&pid=45718&idx=5&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
70.42.32.95200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d82e0d4758b55d66af6797fd01c42b27&pvId=d82e0d4758b55d66af6797fd01c42b27&sid=9598473&pid=45718&idx=5&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
IP 70.42.32.95:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/widgetGlobalEvent?rId=d82e0d4758b55d66af6797fd01c42b27&pvId=d82e0d4758b55d66af6797fd01c42b27&sid=9598473&pid=45718&idx=5&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:13:58 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 479df030bd99d7aff72017aa3ab5a179
widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=23cf2aba-8802-4eff-827f-8df1f605ea08
2.18.173.74200 OK 686 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=23cf2aba-8802-4eff-827f-8df1f605ea08
IP 2.18.173.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5b97ec90c55f5357b412825e5e67525a
7dd2ad14245380a730735d18b06346dcbb7aa254
ee4237548288e67df37898219464bc7bd57bf2eb4238a627dcbbb15815090037
GET /nanoWidget/externals/obUserFrame/test.html?lsd=23cf2aba-8802-4eff-827f-8df1f605ea08 HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "1e015194a0e596827cb8971f884eb43c:1670140452.657315"
last-modified: Sun, 04 Dec 2022 07:14:57 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Sun, 11 Dec 2022 11:13:58 GMT
date: Sun, 04 Dec 2022 11:13:58 GMT
content-length: 686
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
log.outbrainimg.com/loggerServices/log-viewability?requestId=d82e0d4758b55d66af6797fd01c42b27&position=0
70.42.32.95200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/log-viewability?requestId=d82e0d4758b55d66af6797fd01c42b27&position=0
IP 70.42.32.95:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/log-viewability?requestId=d82e0d4758b55d66af6797fd01c42b27&position=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:13:58 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 75d63ca89f42ac7e4648e730579e1e78
log.outbrainimg.com/loggerServices/log-viewability?requestId=465046ff1581d27dbb1b6f4485532a32&position=0
70.42.32.95200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/log-viewability?requestId=465046ff1581d27dbb1b6f4485532a32&position=0
IP 70.42.32.95:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/log-viewability?requestId=465046ff1581d27dbb1b6f4485532a32&position=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:13:58 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 2c27c8ebe5e6cc3da6f97cf2749ea10e
widgets.outbrain.com/nanoWidget/externals/cookie/put.html
2.18.173.74200 OK 416 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/cookie/put.html
IP 2.18.173.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c0311cf15c21ddda054005e92fad3f9e
5276eceeb0576cbee82010f611dfd6fd305991f9
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
GET /nanoWidget/externals/cookie/put.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1670140449.982469"
last-modified: Sun, 04 Dec 2022 07:14:57 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=604800
expires: Sun, 11 Dec 2022 11:13:58 GMT
date: Sun, 04 Dec 2022 11:13:58 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/Close.svg
2.18.173.74200 OK 765 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/Close.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (635)
Hash f740f788e2e26736856f7a3a12457a63
d0ec57a47f6a40f23011dd93219873a5eaee96e2
c2c92cde33538b1187bedea3d0b6d5141e4222eba8092476339aa080cee759ac
GET /images/widgetIcons/Close.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "f740f788e2e26736856f7a3a12457a63:1662969029.343348"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 765
cache-control: max-age=2592000
expires: Tue, 03 Jan 2023 11:13:58 GMT
date: Sun, 04 Dec 2022 11:13:58 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
2.18.173.74200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Tue, 03 Jan 2023 11:13:58 GMT
date: Sun, 04 Dec 2022 11:13:58 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/widgetOBUserSync/obUserSync.html
2.18.173.74200 OK 5.9 kB URL HTTP/2 widgets.outbrain.com/widgetOBUserSync/obUserSync.html
IP 2.18.173.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18427)
Hash 645ce46ada71d82cb227c560c9b06c98
ca5bf01dd46ff5c6d8c01127ee5b11830ec77ac4
344317ee252cf1b5c987c02c9938b80ae6fb54807f27d4cc2685a06722c29fe8
GET /widgetOBUserSync/obUserSync.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d588be7f01fe5a6448a8ef1aeb70463:1669278724.034982"
last-modified: Thu, 24 Nov 2022 08:27:03 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Sun, 11 Dec 2022 11:13:58 GMT
date: Sun, 04 Dec 2022 11:13:58 GMT
content-length: 5938
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=5&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=7975d11c-92e2-4a71-adaa-ec1d8705bdd0&demand=unifiedPb&ts=1670152435160
18.205.250.251200 OK 8.2 kB URL HTTP/2 api.purpleads.io/x/b/?idx=5&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=7975d11c-92e2-4a71-adaa-ec1d8705bdd0&demand=unifiedPb&ts=1670152435160
IP 18.205.250.251:0
File type gzip compressed data, from Unix\012- data
Hash 779fb5d2636ae848c356620a0ecf3a88
0be93c819a4644995df6eec9b8351f1763ff42c4
f893234acf4ba64dd777f0ece342c285b98014cc376307178630552c40506032
OPTIONS /x/b/?idx=5&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=7975d11c-92e2-4a71-adaa-ec1d8705bdd0&demand=unifiedPb&ts=1670152435160 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:57 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 2fb2a085-d274-4d95-92c2-458f962db3eb
X-Firefox-Spdy: h2
images.outbrainimg.com/transform/v3/eyJpdSI6IjY3MmVmNzdjOTY0ZDMzNmVhNDhkMThiYjlhOTI2NjZkNDJmNzc4Mzc1NTVhZjczZWQ3MDRkZWRiMGE1ZGU3Y2MiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
2.18.173.172200 OK 11 kB URL HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6IjY3MmVmNzdjOTY0ZDMzNmVhNDhkMThiYjlhOTI2NjZkNDJmNzc4Mzc1NTVhZjczZWQ3MDRkZWRiMGE1ZGU3Y2MiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
IP 2.18.173.172:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x150, components 3\012- data
Hash 8bc64d7586ba79af18f9b1585491c1bc
5b2ec59bf1c8dc34d4a284310f00c82aa6db00fc
ffe2701a60270933fa15423b195a8fbba6fdc2362f384ce2a02da990e0881d55
GET /transform/v3/eyJpdSI6IjY3MmVmNzdjOTY0ZDMzNmVhNDhkMThiYjlhOTI2NjZkNDJmNzc4Mzc1NTVhZjczZWQ3MDRkZWRiMGE1ZGU3Y2MiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 11355
last-modified: Thu, 27 Oct 2022 16:08:27 GMT
x-traceid: 9c8ff363afbc1597387fc7167a061187
cache-control: max-age=2146263
date: Sun, 04 Dec 2022 11:13:58 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YTRkNWY3OGIxMjBiNGFjYjRmMWFhMmY5ZGRiMGM3YzliN2ZiYjViMTA2ZjY0YmYwMDA4NmZiZjI4YmNkZWIiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
2.18.173.172200 OK 9.6 kB URL HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YTRkNWY3OGIxMjBiNGFjYjRmMWFhMmY5ZGRiMGM3YzliN2ZiYjViMTA2ZjY0YmYwMDA4NmZiZjI4YmNkZWIiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
IP 2.18.173.172:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x150, components 3\012- data
Hash dc637bba72c06dbcc0ed83699c60522d
268df3ee90f4217112b832a765edd9360a40e9c9
07f5d0988d9b6f0d73a6c8d13795a543dd3ca5ef534eda50a64e1df0629735a2
GET /transform/v3/eyJpdSI6ImY4YTRkNWY3OGIxMjBiNGFjYjRmMWFhMmY5ZGRiMGM3YzliN2ZiYjViMTA2ZjY0YmYwMDA4NmZiZjI4YmNkZWIiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 9591
last-modified: Fri, 23 Sep 2022 14:03:09 GMT
x-traceid: 55266b2237929b770e8c08927d855959
cache-control: max-age=575027
date: Sun, 04 Dec 2022 11:13:58 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
api.purpleads.io/x/a/c1103da59f08230a9e0ef70fdc7b125e:99424e020827722f87e6ce9148b2e289f5e6d92a2766176bce7b5830b27163246b1dde5f2f0362f698bae99159e8e092ee4f1e1130c66c18b9c086c4b1f6313b2e208943a1933d3640df0195bc88fd580e0873d8bde8ad50690c25db30158826971c3f7ff8fc1b28daf8d04b9e5d469edd369efa7a128e8341eaf05b8ebc9b8541fca0b1acb07be4e5dbe1cc4ed6c336/i?id=fc1ba77e-e7df-4873-b867-17a171139c43
18.205.250.251204 No Content 0 B URL HTTP/2 api.purpleads.io/x/a/c1103da59f08230a9e0ef70fdc7b125e:99424e020827722f87e6ce9148b2e289f5e6d92a2766176bce7b5830b27163246b1dde5f2f0362f698bae99159e8e092ee4f1e1130c66c18b9c086c4b1f6313b2e208943a1933d3640df0195bc88fd580e0873d8bde8ad50690c25db30158826971c3f7ff8fc1b28daf8d04b9e5d469edd369efa7a128e8341eaf05b8ebc9b8541fca0b1acb07be4e5dbe1cc4ed6c336/i?id=fc1ba77e-e7df-4873-b867-17a171139c43
IP 18.205.250.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/a/c1103da59f08230a9e0ef70fdc7b125e:99424e020827722f87e6ce9148b2e289f5e6d92a2766176bce7b5830b27163246b1dde5f2f0362f698bae99159e8e092ee4f1e1130c66c18b9c086c4b1f6313b2e208943a1933d3640df0195bc88fd580e0873d8bde8ad50690c25db30158826971c3f7ff8fc1b28daf8d04b9e5d469edd369efa7a128e8341eaf05b8ebc9b8541fca0b1acb07be4e5dbe1cc4ed6c336/i?id=fc1ba77e-e7df-4873-b867-17a171139c43 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 11:13:58 GMT
access-control-allow-origin: api.purpleads.io
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: a674fffb-5365-49c8-8f52-1b34d72e2787
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/icon-vi.svg
2.18.173.74200 OK 182 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/icon-vi.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c065312fdb5e02c1399f2622776530df
785d98e9025f7b5cd7e2bd4f80098e44cda01ebf
b9e07d8e5143b4764aeebb012b1b020f60eb1cdca44ed1bc22ba9bc85f3af5eb
GET /images/widgetIcons/icon-vi.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "91990280dce13a095a0da3a6b2fc6816:1662969041.773759"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 182
cache-control: max-age=2592000
expires: Tue, 03 Jan 2023 11:13:58 GMT
date: Sun, 04 Dec 2022 11:13:58 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/BlockBlue.svg
2.18.173.74200 OK 566 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/BlockBlue.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (462)
Hash 67fffe0e5c5262bfb3fb57a8d8d69fbf
2731fbd0437ec9e215e9e3847908ce93f866ed6c
e72f0926b3418896301bda925b636ad884f5bf18f54308383ae77522ca5cd9a2
GET /images/widgetIcons/BlockBlue.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "67fffe0e5c5262bfb3fb57a8d8d69fbf:1662969027.986981"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 566
cache-control: max-age=2592000
expires: Tue, 03 Jan 2023 11:13:58 GMT
date: Sun, 04 Dec 2022 11:13:58 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/ChevronRight.svg
2.18.173.74200 OK 524 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/ChevronRight.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (422)
Hash c1dc41410784b37a37e29a21baf9aa1f
9b1a4b46b77322f217c3395e32bbb177199c327c
f8d6148b07b2251c53a2605a003b1d29babb8154c5abd0bde0f7e8a800f2dfd9
GET /images/widgetIcons/ChevronRight.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "c1dc41410784b37a37e29a21baf9aa1f:1662969028.698646"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 524
cache-control: max-age=2592000
expires: Tue, 03 Jan 2023 11:13:58 GMT
date: Sun, 04 Dec 2022 11:13:58 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/icon-x-white.svg
2.18.173.74200 OK 559 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/icon-x-white.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (363)
Hash 854eb39a3d94a8ec9977261db0c8acc8
ef852997961f946b34e996504912b0606e4c6593
06ffd9e17bd41822b9a7b982a8ff486fafa54f7781baacb6ef3507ae7f9b36b5
GET /images/widgetIcons/icon-x-white.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "854eb39a3d94a8ec9977261db0c8acc8:1662969042.351779"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 559
cache-control: max-age=2592000
expires: Tue, 03 Jan 2023 11:13:58 GMT
date: Sun, 04 Dec 2022 11:13:58 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/externals/cookie/test.html
2.18.173.74200 OK 355 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/cookie/test.html
IP 2.18.173.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e99df827210bbfe6cc6fa90835c27f7e
64019680de3531ff171ab0b5f901b3c6c899f7ec
41f8f5d55a2b4ab4c783bf17b9a36e3343ee2837d167d0b65acbe23b181f9918
GET /nanoWidget/externals/cookie/test.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1670140450.660484"
last-modified: Sun, 04 Dec 2022 07:14:57 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Sun, 11 Dec 2022 11:13:58 GMT
date: Sun, 04 Dec 2022 11:13:58 GMT
content-length: 355
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9b291400ef8d62e8f5f54830a122b442
8529df830a0453c7d79438e76b6f880d1d917c62
c3be4fd4a74f01cf1c073ab7785b24391457cff4406030999688815365b19cc5
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 743
Cache-Control: max-age=123096
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:13:58 GMT
Etag: "638bbbe7-1d7"
Expires: Mon, 05 Dec 2022 21:25:34 GMT
Last-Modified: Sat, 03 Dec 2022 21:13:11 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
mcdp-nydc1.outbrain.com/l?token=2e6fe1d2d4e85bb9201b9f3e5072da1c_178258_1670152438107&tm=633&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2000971&pVis=1&lsd=23cf2aba-8802-4eff-827f-8df1f605ea08&eIdx=&cnsntV2=CPjfQl5PjfQl5BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=320&oo=false&lo=936&odbreq=1303&odbres=1622&to=1670152434250&ab=0&wl=0
70.42.32.95200 OK 4 B URL HTTP/1.1 mcdp-nydc1.outbrain.com/l?token=2e6fe1d2d4e85bb9201b9f3e5072da1c_178258_1670152438107&tm=633&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2000971&pVis=1&lsd=23cf2aba-8802-4eff-827f-8df1f605ea08&eIdx=&cnsntV2=CPjfQl5PjfQl5BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=320&oo=false&lo=936&odbreq=1303&odbres=1622&to=1670152434250&ab=0&wl=0
IP 70.42.32.95:0
File type ASCII text, with no line terminators
Hash 72054d9a6fbdcc7df012e19f32345b65
52dd4c74c813db3790179c4f236ceadaca3467a8
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
GET /l?token=2e6fe1d2d4e85bb9201b9f3e5072da1c_178258_1670152438107&tm=633&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2000971&pVis=1&lsd=23cf2aba-8802-4eff-827f-8df1f605ea08&eIdx=&cnsntV2=CPjfQl5PjfQl5BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=320&oo=false&lo=936&odbreq=1303&odbres=1622&to=1670152434250&ab=0&wl=0 HTTP/1.1
Host: mcdp-nydc1.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:13:58 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 4
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 511c441236dbe3aa4a637818f595a8b1
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=2e6fe1d2d4e85bb9201b9f3e5072da1c&pvId=2e6fe1d2d4e85bb9201b9f3e5072da1c&sid=9270331&pid=178258&idx=0&wId=101&pad=2&org=0&tm=655&eT=3&cnsnt=CPjfQl5PjfQl5BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2000971&pVis=1&lsd=23cf2aba-8802-4eff-827f-8df1f605ea08&eIdx=0&oo=false&ab=0&wl=0
70.42.32.95200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=2e6fe1d2d4e85bb9201b9f3e5072da1c&pvId=2e6fe1d2d4e85bb9201b9f3e5072da1c&sid=9270331&pid=178258&idx=0&wId=101&pad=2&org=0&tm=655&eT=3&cnsnt=CPjfQl5PjfQl5BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2000971&pVis=1&lsd=23cf2aba-8802-4eff-827f-8df1f605ea08&eIdx=0&oo=false&ab=0&wl=0
IP 70.42.32.95:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/widgetGlobalEvent?rId=2e6fe1d2d4e85bb9201b9f3e5072da1c&pvId=2e6fe1d2d4e85bb9201b9f3e5072da1c&sid=9270331&pid=178258&idx=0&wId=101&pad=2&org=0&tm=655&eT=3&cnsnt=CPjfQl5PjfQl5BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2000971&pVis=1&lsd=23cf2aba-8802-4eff-827f-8df1f605ea08&eIdx=0&oo=false&ab=0&wl=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:13:58 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: cf0a51e8ebaf50f79d94fa374cbbb77b
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 052fa8a2a27b7f949c7325adc78d014a
487ebb1ddfaa9d8bbeda94555d6c0f5b0a6077a0
c6fd5454f314e4cbf5bc0bcf91349f20e8bcee6e58eb99f9db2ffb63bc9591de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6FD5454F314E4CBF5BC0BCF91349F20E8BCEE6E58EB99F9DB2FFB63BC9591DE"
Last-Modified: Sat, 03 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10233
Expires: Sun, 04 Dec 2022 14:04:32 GMT
Date: Sun, 04 Dec 2022 11:13:59 GMT
Connection: keep-alive
690a547ebf.5726c893fd.com/health/
162.55.139.130200 OK 0 B URL HTTP/2 690a547ebf.5726c893fd.com/health/
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /health/ HTTP/1.1
Host: 690a547ebf.5726c893fd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Sun, 04 Dec 2022 11:13:59 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
690a547ebf.5726c893fd.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IjIwMCUyQ1BvdW5kcyUyQ0JlYXV0eSUyQ0VwJTJDMSUyQyhlbmclMkNzdWIpJTJDSEQlMkNEcmFtYWNvb2wlMkNXYXRjaCUyQ2FuZCUyQ2Rvd25sb2FkJTJDMjAwJTJDUG91bmRzJTJDQmVhdXR5JTJDRXBpc29kZSUyQzElMkNmcmVlJTJDZW5nbGlzaCUyQ3N1YiUyQ2luJTJDMzYwcCUyQzcyMHAlMkMxMDgwcCUyQ0hEJTJDYXQlMkNEcmFtYWNvb2wlMkNIVE1MNSUyQ2F2YWlsYWJsZSUyQ2ZvciUyQ21vYmlsZS4lMjAiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDkiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxNTI0NDg0NDkiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjozMzE5MiwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjoibmxhYmVsLWIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIzMzE5MiIsImNhdCI6WyJJQUIxIl0sInBhZ2UiOiJodHRwczovL3d3dy5kcmFtYWNvb2w5LmNvLzIwMC1wb3VuZHMtYmVhdXR5LWVwaXNvZGUtMS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY3MDE1MjQzNzU2M319
162.55.139.130302 Found 0 B URL HTTP/2 690a547ebf.5726c893fd.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IjIwMCUyQ1BvdW5kcyUyQ0JlYXV0eSUyQ0VwJTJDMSUyQyhlbmclMkNzdWIpJTJDSEQlMkNEcmFtYWNvb2wlMkNXYXRjaCUyQ2FuZCUyQ2Rvd25sb2FkJTJDMjAwJTJDUG91bmRzJTJDQmVhdXR5JTJDRXBpc29kZSUyQzElMkNmcmVlJTJDZW5nbGlzaCUyQ3N1YiUyQ2luJTJDMzYwcCUyQzcyMHAlMkMxMDgwcCUyQ0hEJTJDYXQlMkNEcmFtYWNvb2wlMkNIVE1MNSUyQ2F2YWlsYWJsZSUyQ2ZvciUyQ21vYmlsZS4lMjAiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDkiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxNTI0NDg0NDkiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjozMzE5MiwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjoibmxhYmVsLWIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIzMzE5MiIsImNhdCI6WyJJQUIxIl0sInBhZ2UiOiJodHRwczovL3d3dy5kcmFtYWNvb2w5LmNvLzIwMC1wb3VuZHMtYmVhdXR5LWVwaXNvZGUtMS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY3MDE1MjQzNzU2M319
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IjIwMCUyQ1BvdW5kcyUyQ0JlYXV0eSUyQ0VwJTJDMSUyQyhlbmclMkNzdWIpJTJDSEQlMkNEcmFtYWNvb2wlMkNXYXRjaCUyQ2FuZCUyQ2Rvd25sb2FkJTJDMjAwJTJDUG91bmRzJTJDQmVhdXR5JTJDRXBpc29kZSUyQzElMkNmcmVlJTJDZW5nbGlzaCUyQ3N1YiUyQ2luJTJDMzYwcCUyQzcyMHAlMkMxMDgwcCUyQ0hEJTJDYXQlMkNEcmFtYWNvb2wlMkNIVE1MNSUyQ2F2YWlsYWJsZSUyQ2ZvciUyQ21vYmlsZS4lMjAiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDkiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxNTI0NDg0NDkiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjozMzE5MiwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjoibmxhYmVsLWIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIzMzE5MiIsImNhdCI6WyJJQUIxIl0sInBhZ2UiOiJodHRwczovL3d3dy5kcmFtYWNvb2w5LmNvLzIwMC1wb3VuZHMtYmVhdXR5LWVwaXNvZGUtMS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY3MDE1MjQzNzU2M319 HTTP/1.1
Host: 690a547ebf.5726c893fd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 04 Dec 2022 11:13:59 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=7844914041963291628&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-4&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB1&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=95&ml=&tag_ab=c&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB1&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3D200%252CPounds%252CBeauty%252CEp%252C1%252C%28eng%252Csub%29%252CHD%252CDramacool%252CWatch%252Cand%252Cdownload%252C200%252CPounds%252CBeauty%252CEpisode%252C1%252Cfree%252Cenglish%252Csub%252Cin%252C360p%252C720p%252C1080p%252CHD%252Cat%252CDramacool%252CHTML5%252Cavailable%252Cfor%252Cmobile.%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F200-pounds-beauty-episode-1%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D95%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=200%2CPounds%2CBeauty%2CEp%2C1%2C(eng%2Csub)%2CHD%2CDramacool%2CWatch%2Cand%2Cdownload%2C200%2CPounds%2CBeauty%2CEpisode%2C1%2Cfree%2Cenglish%2Csub%2Cin%2C360p%2C720p%2C1080p%2CHD%2Cat%2CDramacool%2CHTML5%2Cavailable%2Cfor%2Cmobile.%20&stratagem=nlabel-b&ssp=3972
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash acff0c848e7651fa3d857853b59661bb
b863cf802eb1de5a7cd468349c5264466501152d
08489377ff120c7a6f7c7f904262dd0e628a470e4501801bd534e2f6c778521c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08489377FF120C7A6F7C7F904262DD0E628A470E4501801BD534E2F6C778521C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3635
Expires: Sun, 04 Dec 2022 12:14:35 GMT
Date: Sun, 04 Dec 2022 11:14:00 GMT
Connection: keep-alive
rtbrennab.com/banner/in/show/?mid=7844914041963291628&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-4&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB1&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=95&ml=&tag_ab=c&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB1&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3D200%252CPounds%252CBeauty%252CEp%252C1%252C%28eng%252Csub%29%252CHD%252CDramacool%252CWatch%252Cand%252Cdownload%252C200%252CPounds%252CBeauty%252CEpisode%252C1%252Cfree%252Cenglish%252Csub%252Cin%252C360p%252C720p%252C1080p%252CHD%252Cat%252CDramacool%252CHTML5%252Cavailable%252Cfor%252Cmobile.%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F200-pounds-beauty-episode-1%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D95%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=200%2CPounds%2CBeauty%2CEp%2C1%2C(eng%2Csub)%2CHD%2CDramacool%2CWatch%2Cand%2Cdownload%2C200%2CPounds%2CBeauty%2CEpisode%2C1%2Cfree%2Cenglish%2Csub%2Cin%2C360p%2C720p%2C1080p%2CHD%2Cat%2CDramacool%2CHTML5%2Cavailable%2Cfor%2Cmobile.%20&stratagem=nlabel-b&ssp=3972
159.69.163.6302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=7844914041963291628&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-4&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB1&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=95&ml=&tag_ab=c&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB1&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3D200%252CPounds%252CBeauty%252CEp%252C1%252C%28eng%252Csub%29%252CHD%252CDramacool%252CWatch%252Cand%252Cdownload%252C200%252CPounds%252CBeauty%252CEpisode%252C1%252Cfree%252Cenglish%252Csub%252Cin%252C360p%252C720p%252C1080p%252CHD%252Cat%252CDramacool%252CHTML5%252Cavailable%252Cfor%252Cmobile.%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F200-pounds-beauty-episode-1%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D95%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=200%2CPounds%2CBeauty%2CEp%2C1%2C(eng%2Csub)%2CHD%2CDramacool%2CWatch%2Cand%2Cdownload%2C200%2CPounds%2CBeauty%2CEpisode%2C1%2Cfree%2Cenglish%2Csub%2Cin%2C360p%2C720p%2C1080p%2CHD%2Cat%2CDramacool%2CHTML5%2Cavailable%2Cfor%2Cmobile.%20&stratagem=nlabel-b&ssp=3972
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=7844914041963291628&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-4&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB1&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=95&ml=&tag_ab=c&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB1&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3D200%252CPounds%252CBeauty%252CEp%252C1%252C%28eng%252Csub%29%252CHD%252CDramacool%252CWatch%252Cand%252Cdownload%252C200%252CPounds%252CBeauty%252CEpisode%252C1%252Cfree%252Cenglish%252Csub%252Cin%252C360p%252C720p%252C1080p%252CHD%252Cat%252CDramacool%252CHTML5%252Cavailable%252Cfor%252Cmobile.%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F200-pounds-beauty-episode-1%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D95%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=200%2CPounds%2CBeauty%2CEp%2C1%2C(eng%2Csub)%2CHD%2CDramacool%2CWatch%2Cand%2Cdownload%2C200%2CPounds%2CBeauty%2CEpisode%2C1%2Cfree%2Cenglish%2Csub%2Cin%2C360p%2C720p%2C1080p%2CHD%2Cat%2CDramacool%2CHTML5%2Cavailable%2Cfor%2Cmobile.%20&stratagem=nlabel-b&ssp=3972 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.18.0
date: Sun, 04 Dec 2022 11:14:00 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=200%2CPounds%2CBeauty%2CEp%2C1%2C(eng%2Csub)%2CHD%2CDramacool%2CWatch%2Cand%2Cdownload%2C200%2CPounds%2CBeauty%2CEpisode%2C1%2Cfree%2Cenglish%2Csub%2Cin%2C360p%2C720p%2C1080p%2CHD%2Cat%2CDramacool%2CHTML5%2Cavailable%2Cfor%2Cmobile.%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=95&bf=0.0001
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CUT3342T
34.107.148.139200 OK 503 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CUT3342T
IP 34.107.148.139:0
Hash 741d810390fb17707d6c5bceaf2cca04
e899eba219fc183ed833df3286d531e845e91159
0c2db4db221ff45d4d7fdd2a192eb762c1232f78f13c9f88f548c452ea9cd105
POST /rtb/prebid?cid=8CUT3342T HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4671
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:57 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Sun, 04 Dec 2022 11:13:57 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.65.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.65.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 04 Dec 2022 11:14:00 GMT
Age: 24150
X-Served-By: cache-lga13626-LGA, cache-bma1681-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 38, 62620
X-Timer: S1670152440.434071,VS0,VE0
Vary: Accept-Encoding
btds.zog.link/in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=200%2CPounds%2CBeauty%2CEp%2C1%2C(eng%2Csub)%2CHD%2CDramacool%2CWatch%2Cand%2Cdownload%2C200%2CPounds%2CBeauty%2CEpisode%2C1%2Cfree%2Cenglish%2Csub%2Cin%2C360p%2C720p%2C1080p%2CHD%2Cat%2CDramacool%2CHTML5%2Cavailable%2Cfor%2Cmobile.%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=95&bf=0.0001
109.206.182.60302 Found 0 B URL HTTP/2 btds.zog.link/in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=200%2CPounds%2CBeauty%2CEp%2C1%2C(eng%2Csub)%2CHD%2CDramacool%2CWatch%2Cand%2Cdownload%2C200%2CPounds%2CBeauty%2CEpisode%2C1%2Cfree%2Cenglish%2Csub%2Cin%2C360p%2C720p%2C1080p%2CHD%2Cat%2CDramacool%2CHTML5%2Cavailable%2Cfor%2Cmobile.%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=95&bf=0.0001
IP 109.206.182.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=200%2CPounds%2CBeauty%2CEp%2C1%2C(eng%2Csub)%2CHD%2CDramacool%2CWatch%2Cand%2Cdownload%2C200%2CPounds%2CBeauty%2CEpisode%2C1%2Cfree%2Cenglish%2Csub%2Cin%2C360p%2C720p%2C1080p%2CHD%2Cat%2CDramacool%2CHTML5%2Cavailable%2Cfor%2Cmobile.%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F200-pounds-beauty-episode-1%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=95&bf=0.0001 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 04 Dec 2022 11:13:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://cdn.1vag.com/1x1.png
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 912.0=1; expires=Mon, 05 Dec 2022 11:14:00 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.84307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 11:14:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 02641e06-d96f-48ab-ad48-bc7877964dd5
Set-Cookie: uuid2=7012610047604573220; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 11:14:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
log.outbrainimg.com/api/loggerBatch/log-viewability
70.42.32.95200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/api/loggerBatch/log-viewability
IP 70.42.32.95:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
POST /api/loggerBatch/log-viewability HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 351
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 11:14:00 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 477a17fb4e0bdb6824aed06533aaed89
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.84200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 11:14:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: b0b2277c-7f99-4780-99f9-d555b44a7022
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash edec464b8ea651d5f01588b81055ad41
400f9e27571f5f92b15161ebf3ca027828f0e945
1e14235861231ddc6a99d6eae254dfb94c5b936f8978be38c53a3db0c608b8a4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E14235861231DDC6A99D6EAE254DFB94C5B936F8978BE38C53A3DB0C608B8A4"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13736
Expires: Sun, 04 Dec 2022 15:02:56 GMT
Date: Sun, 04 Dec 2022 11:14:00 GMT
Connection: keep-alive
cdn.1vag.com/1x1.png
45.133.44.25200 OK 68 B IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /1x1.png HTTP/1.1
Host: cdn.1vag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:14:00 GMT
content-type: image/png
content-length: 68
server: nginx/1.20.1
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
etag: "5e970c67-44"
cache-control: max-age=3600
x-request-id: 28eea0836f6cd5562d41ccabe8fa4a5b
expires: Sun, 04 Dec 2022 12:14:00 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.84307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 11:14:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 59e99a2a-4806-4a9c-9471-a4bb2409316e
Set-Cookie: uuid2=8989416109991848801; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 11:14:01 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.84200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 11:14:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 18d6cddd-a63d-41bd-a912-10833304675a
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
js.wpadmngr.com/static/adManager.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpadmngr.com/static/adManager.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
etag: W/"62ce6b94-4e2"
content-encoding: gzip
expires: Sun, 04 Dec 2022 11:18:53 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.wpadmngr.com/static/adManager.m.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpadmngr.com/static/adManager.m.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 30 Nov 2022 13:10:49 GMT
etag: W/"63875659-17718"
content-encoding: gzip
expires: Sun, 04 Dec 2022 11:18:53 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
rndskittytor.com/500/4231561?excludes=&oaid=f725b9bd438a4b5b8c3927222252beef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=729&wiw=729&wih=410&wfc=5&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&drf=https%3A%2F%2Fwww.dramacool9.co%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
139.45.197.238200 OK 0 B URL HTTP/2 rndskittytor.com/500/4231561?excludes=&oaid=f725b9bd438a4b5b8c3927222252beef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=729&wiw=729&wih=410&wfc=5&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&drf=https%3A%2F%2Fwww.dramacool9.co%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false
IP 139.45.197.238:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/4231561?excludes=&oaid=f725b9bd438a4b5b8c3927222252beef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=729&wiw=729&wih=410&wfc=5&pl=https%3A%2F%2Fasianplay.pro%2Fstreaming.php%3Fid%3DMjQxMzg%3D%26title%3D200%2BPounds%2BBeauty%2B%2Bepisode%2B1%26typesub%3DSUB&drf=https%3A%2F%2Fwww.dramacool9.co%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://asianplay.pro
Connection: keep-alive
Referer: https://asianplay.pro/
Cookie: OAID=76fa58edb0fb427c9f625ea591371649
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:57 GMT
content-type: application/javascript
x-trace-id: 8611a9b611d3adf3f845bfcab51027ca
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://asianplay.pro
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f725b9bd438a4b5b8c3927222252beef; expires=Mon, 04 Dec 2023 11:13:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=2&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=7975d11c-92e2-4a71-adaa-ec1d8705bdd0&ts=1670152433752
18.205.250.251200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=2&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=7975d11c-92e2-4a71-adaa-ec1d8705bdd0&ts=1670152433752
IP 18.205.250.251:0
OPTIONS /x/b/?idx=2&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=7975d11c-92e2-4a71-adaa-ec1d8705bdd0&ts=1670152433752 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:56 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: d8057c3e-09ce-4373-86c9-7417d9ed8285
X-Firefox-Spdy: h2
asianplay.pro/encrypt-ajax.php?id=zZHv3zjjbez6lHvpr+Bc0Q==&title=200+Pounds+Beauty++episode+1&typesub=SUB&mip=0.0.0.0&refer=https://www.dramacool9.co/&op=1&alias=MjQxMzg=
172.67.74.229200 OK 0 B URL HTTP/2 asianplay.pro/encrypt-ajax.php?id=zZHv3zjjbez6lHvpr+Bc0Q==&title=200+Pounds+Beauty++episode+1&typesub=SUB&mip=0.0.0.0&refer=https://www.dramacool9.co/&op=1&alias=MjQxMzg=
IP 172.67.74.229:0
GET /encrypt-ajax.php?id=zZHv3zjjbez6lHvpr+Bc0Q==&title=200+Pounds+Beauty++episode+1&typesub=SUB&mip=0.0.0.0&refer=https://www.dramacool9.co/&op=1&alias=MjQxMzg= HTTP/1.1
Host: asianplay.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://asianplay.pro/streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/5.6.13
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWBBKcHbC803xAwqA2hSVLe6oJVWcodFhxjpL25aWaiMC%2FYq8zb0UYwGCAsG6QqZmXLWrLUucfC9wcHJkOJ8p8YtTZ%2BRJoz9kRanbZZwZRLEQ1C79BQTG8epV2UwU8U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d958bd20b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.bidgear.com/ads.php?domainid=2175&sizeid=28&zoneid=7307
172.67.74.36200 OK 0 B URL HTTP/2 platform.bidgear.com/ads.php?domainid=2175&sizeid=28&zoneid=7307
IP 172.67.74.36:0
GET /ads.php?domainid=2175&sizeid=28&zoneid=7307 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q331W3bdgf9%2BMfz3Nteo%2B7ln7IDCfBpltoBgGq8vUem4ZMWmTISLc%2Fyc%2BcsIax47dJb7GjeoY8J8e8jDocaVrw8k0mkNmccYSwhnGGGtBZ2GIWNTBK42SaQXD56Zknd97d3d3srO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d85c8c2b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=1&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[160,600],[120,600]]&slotid=e01834ec-1707-4ce6-9397-5c6d79aa5cc2&ts=1670152431838
18.205.250.251200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[160,600],[120,600]]&slotid=e01834ec-1707-4ce6-9397-5c6d79aa5cc2&ts=1670152431838
IP 18.205.250.251:0
OPTIONS /x/b/?idx=1&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[160,600],[120,600]]&slotid=e01834ec-1707-4ce6-9397-5c6d79aa5cc2&ts=1670152431838 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: f3726cf7-7e7d-4461-ac0e-552875c433a0
X-Firefox-Spdy: h2
goomaphy.com/401/5287605
139.45.197.239200 OK 0 B IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5287605 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/javascript
x-trace-id: 10ce423a5d3aec70a084f1536c2da2bc
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=5d52d3133d0b41c9b63885e282154e6a; expires=Mon, 04 Dec 2023 11:13:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
pocli.click/pub?id=53
104.21.83.81200 OK 0 B IP 104.21.83.81:0
GET /pub?id=53 HTTP/1.1
Host: pocli.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://asianplay.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: text/javascript;charset=UTF-8
cf-bgj: minify
cf-polished: origSize=58087
vary: Accept-Encoding
cache-control: max-age=120
cf-cache-status: HIT
age: 1558
last-modified: Sun, 04 Dec 2022 10:47:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgWHpEL33Iu2V57ApIfoovbgrQidxDuFl7bloKj%2Blqh4MHPufZ44RAwI6r8sXnVh06HgW09JTTBjFkKYDFnLkhQXhd85lyxPhDp3RRteCnNI%2Fc4rCsqIiEB%2B5ySq3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d8e18ccb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114200 OK 0 B IP 104.18.2.114:0
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2020
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:57 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77441d9bee70b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
demand.bidgear.com/css/ad/ad.20190411.2.css?v=1
172.67.74.36200 OK 0 B URL HTTP/2 demand.bidgear.com/css/ad/ad.20190411.2.css?v=1
IP 172.67.74.36:0
GET /css/ad/ad.20190411.2.css?v=1 HTTP/1.1
Host: demand.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: text/css
last-modified: Tue, 25 Jan 2022 08:46:11 GMT
vary: Accept-Encoding
etag: W/"61efb8d3-38b1"
cf-cache-status: HIT
age: 4270
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Hr1FkNawotrs%2Bg2J30sAiN%2Bc%2FPLw9IKE%2FSuuqn7ywejQPcQBGXSF7r1o2lAJk5MvpTVhWtf7Ukfr0jLC6%2Fnq7y1V0Wia%2B9TDC7l68OJyqM1r1FJybZ3CBAOsp6ShIc80nOsXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d877abdb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
asianplay.pro/js/crypto-js/crypto-js.js?v=10.1.19
172.67.74.229200 OK 0 B URL HTTP/2 asianplay.pro/js/crypto-js/crypto-js.js?v=10.1.19
IP 172.67.74.229:0
GET /js/crypto-js/crypto-js.js?v=10.1.19 HTTP/1.1
Host: asianplay.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://asianplay.pro/streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 21 Jun 2021 05:38:08 GMT
etag: W/"60d025c0-2f4dd"
expires: Tue, 13 Dec 2022 03:55:59 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1840675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BEpQByMiIxd2AbeU7nPUinjlhr%2FkEmGu20A6%2BdDrhwJXOxFspJ0IG2pa855z%2B5qhZz2TxQFB0GLtGyKrJue%2Fj6hSsHzKOYtX46WiAOMIL7JOPgEfc36sk7y69OkMQ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d8d3ca50b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP 142.250.74.106:0
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 11:13:57 GMT
date: Sun, 04 Dec 2022 11:13:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.dramacool9.co/200-pounds-beauty-episode-1/
104.21.51.232200 OK 0 B URL HTTP/2 www.dramacool9.co/200-pounds-beauty-episode-1/
IP 104.21.51.232:0
GET /200-pounds-beauty-episode-1/ HTTP/1.1
Host: www.dramacool9.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-pingback: https://www.dramacool9.co/xmlrpc.php
link: <https://www.dramacool9.co/wp-json/>; rel="https://api.w.org/", <https://www.dramacool9.co/wp-json/wp/v2/posts/35882>; rel="alternate"; type="application/json", <https://www.dramacool9.co/?p=35882>; rel=shortlink
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PU5%2Ft7hjp1eTyLuyoBnpL1YQH%2F2FKqRsCRkbRcYUQ6Vc15G%2FKpytHjZGULRvvWFXQ0vVg9%2B5fR54GcsKFH6VpBgFXPPhig5mmYSAzy2GusevnoxxH1GW3Jh%2Bry1ccdxg0EbgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d837feb0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
platform.pubfuture.com/v1/config/61b31c050eed05002711813a.js?v=6&ip=OTEuOTAuNDIuMTU0&cc=Tk8=&c=MzE0MzI0NA==&d=b3RoZXJz&s=aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8yMDAtcG91bmRzLWJlYXV0eS1lcGlzb2RlLTEv
54.161.122.246200 OK 0 B URL HTTP/2 platform.pubfuture.com/v1/config/61b31c050eed05002711813a.js?v=6&ip=OTEuOTAuNDIuMTU0&cc=Tk8=&c=MzE0MzI0NA==&d=b3RoZXJz&s=aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8yMDAtcG91bmRzLWJlYXV0eS1lcGlzb2RlLTEv
IP 54.161.122.246:0
GET /v1/config/61b31c050eed05002711813a.js?v=6&ip=OTEuOTAuNDIuMTU0&cc=Tk8=&c=MzE0MzI0NA==&d=b3RoZXJz&s=aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8yMDAtcG91bmRzLWJlYXV0eS1lcGlzb2RlLTEv HTTP/1.1
Host: platform.pubfuture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
etag: W/"119a-qPA+TzmwlBmZ8H8dW11nhFvSkGA"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN, SAMEORIGIN
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/27/1ead059fa749da4c72410ffa55976f24
139.45.197.239200 OK 0 B URL HTTP/2 cdn.uponelectabuzzor.club/27/1ead059fa749da4c72410ffa55976f24
IP 139.45.197.239:0
GET /27/1ead059fa749da4c72410ffa55976f24 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: scm=1; OAID=8afea7cbcc224a4bbe6eae56dc41c6c5; oaidts=1670152434
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 02 Dec 2022 03:31:44 GMT
expires: Fri, 01 Jan 2083 03:31:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
f.h12-media.com/?init=1&rnd=0.35749202513348344
188.114.96.1200 OK 0 B URL HTTP/2 f.h12-media.com/?init=1&rnd=0.35749202513348344
IP 188.114.96.1:0
GET /?init=1&rnd=0.35749202513348344 HTTP/1.1
Host: f.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/json; Charset=UTF-8
cache-control: max-age=3600,private
vary: Accept-Encoding
access-control-allow-origin: *
x-powered-by: ASP.NET, ARR/3.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jh6M9KekOeF47ZIDbUj2s2JwXTIPZ7qI4YEkZa9UnMjsuBUnCoCV3slsXD2aEE1KVAi4xhbbuKUJtV81%2BsSYt5VtYmT%2BMHQlBIlThzotKyZVjx6wCrZ0mF07%2FVVyMEf8Dv8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d8bb9fab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
platform.bidgear.com/ads.php?domainid=2175&sizeid=3&zoneid=5787
172.67.74.36200 OK 0 B URL HTTP/2 platform.bidgear.com/ads.php?domainid=2175&sizeid=3&zoneid=5787
IP 172.67.74.36:0
GET /ads.php?domainid=2175&sizeid=3&zoneid=5787 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52kIeHlUjcKUIgIQQykMiBZsJq8SjxGnax8KkMBJvOpxT%2BEXUvJBe%2BkAmmRMK791Py%2Fk3dHhUsbaVsFG18LcGHZsIFgY83ukY1%2Bbn7vC%2FCzhoGwZB7FScxihXh%2FZM%2BhEZWCj2C25"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d859891b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114200 OK 0 B IP 104.18.2.114:0
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1779
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77441d8d6ba3b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833
172.67.74.36200 OK 0 B URL HTTP/2 platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833
IP 172.67.74.36:0
GET /ads.php?domainid=2175&sizeid=2&zoneid=6833 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ihtzy7WXJVHjRENRTf%2FK%2F8CyZUPycipuIXHecJOZe9wUJfM6s9ccEj4KBYGVtSpqLZuqTvNuimL0ul%2FChMlLggFrbeBQtQfw08Fz2oNN8pVQbuLLa%2B9mGy6fG56nj9qE0Qbo6RzW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d85989ab521-OSL
content-encoding: br
X-Firefox-Spdy: h2
demand.bidgear.com/tag?z=1366&k=63033dbf298c0
172.67.74.36200 OK 0 B URL HTTP/2 demand.bidgear.com/tag?z=1366&k=63033dbf298c0
IP 172.67.74.36:0
GET /tag?z=1366&k=63033dbf298c0 HTTP/1.1
Host: demand.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:53 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _dsp_8_bg=Uf948541a9df342f1b84733a686260bff; Domain=bidgear.com; Expires=Mon, 04 Dec 2023 11:13:53 GMT; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bK8URXURsvJdJPin2OPH469dO5fDYfWW3%2By04sdlRuNuludhthzbKHQciilGdCF2tG57oZQW6fj2OSX0r6%2FgNn0%2Bj%2BXjBXz%2BbRNy4WtskVD%2BZmVCSid3nGNUNBgsMvaG1L0sBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d865959b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=35ce4944-091e-47ae-82ae-0dba070d1c41&ts=1670152431838
18.205.250.251200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=35ce4944-091e-47ae-82ae-0dba070d1c41&ts=1670152431838
IP 18.205.250.251:0
OPTIONS /x/b/?idx=0&pid=509a83c9da704191ac516dc694c0a62d&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=35ce4944-091e-47ae-82ae-0dba070d1c41&ts=1670152431838 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 02b39586-f7f6-4fa7-b9b1-7e15c4005285
X-Firefox-Spdy: h2
asianplay.pro/js/player.min.js?v=10.1.19
172.67.74.229200 OK 0 B URL HTTP/2 asianplay.pro/js/player.min.js?v=10.1.19
IP 172.67.74.229:0
GET /js/player.min.js?v=10.1.19 HTTP/1.1
Host: asianplay.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://asianplay.pro/streaming.php?id=MjQxMzg=&title=200+Pounds+Beauty++episode+1&typesub=SUB
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Fri, 14 Oct 2022 04:48:09 GMT
etag: W/"6348ea09-31dc1"
expires: Tue, 13 Dec 2022 04:55:40 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 1840675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRekTEWnmjOTfNjFArdVtaFdFDT2Ie3YSpPCmQMaVfaLtC4S21vue4nG2jY3Q6ZnKkkc%2FzMQgJBGdAvOhZGmkr4BXLAE9LZwI6G0klQzrApcPe8j4Sy2ALva9VBTTGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d8d3ca80b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
188.114.99.234200 OK 0 B URL HTTP/2 script.4dex.io/localstore.js
IP 188.114.99.234:0
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:54 GMT
content-type: application/javascript
cache-control: public, max-age=1800
etag: W/"922cffdd75f7192f75231d92684885aa"
last-modified: Wed, 23 Nov 2022 15:43:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 931363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BkE%2FE3MbodxWOlBhBifwRylwXTX1F9cyFtSnsGy2t0IHb%2FxDnjEwjKaZuDg8oIzwL31TftWz%2FQGo6TsZArXJ0UlH1kF4yBfhAlnwkA8gXpl%2FBlIzcCBnTI0dcnBCAfS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d8d1bdeb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
delivery.taroads.com/creative
188.114.96.1200 OK 0 B URL HTTP/2 delivery.taroads.com/creative
IP 188.114.96.1:0
POST /creative HTTP/1.1
Host: delivery.taroads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Origin: https://asianplay.pro
Content-Length: 192
Connection: keep-alive
Referer: https://asianplay.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:56 GMT
content-type: application/json
vary: Accept-Encoding, Origin
set-cookie: ___tasd=e27,; Path=/; Expires=Sun, 04-Dec-22 17:13:56 GMT; SameSite=None; Secure
access-control-allow-origin: https://asianplay.pro
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3tP9w73lwFc3Fn%2Frefn2RW8eVjxWKj2hMbWOhJ7FSkJAUE2rOS20zzKgvyvPs0cdcQfY16W2rkMck5Q6RhrfQfYe%2BVo%2Ba7809XI%2FXstpv2m%2BAeMSMRHKGZ5%2FKRq%2BsJef0G2%2FFaKgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77441d956ea91c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.purpleads.io/x/v/?ts=1670152433786
18.205.250.251200 OK 0 B URL HTTP/2 api.purpleads.io/x/v/?ts=1670152433786
IP 18.205.250.251:0
OPTIONS /x/v/?ts=1670152433786 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:13:56 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 2089a91f-d9aa-4daf-bcf5-1c83616294c9
X-Firefox-Spdy: h2
ssl.p.jwpcdn.com/player/v/8.23.1/provider.hlsjs.js
151.101.130.114200 OK 0 B URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.23.1/provider.hlsjs.js
IP 151.101.130.114:0
GET /player/v/8.23.1/provider.hlsjs.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://asianplay.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Fri, 08 Oct 2021 21:48:25 GMT
etag: "579ca51b4fb9fd747e0fc5cb338b5ab2"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 11:13:57 GMT
via: 1.1 varnish
age: 23440325
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 804
x-timer: S1670152437.118889,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 115635
X-Firefox-Spdy: h2