dramacool9.co/
172.67.190.162301 Moved Permanently 0 B IP 172.67.190.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: dramacool9.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 21 Nov 2022 08:34:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 21 Nov 2022 09:34:54 GMT
Location: https://dramacool9.co/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DAjZTbS0YrzyLT4HOQ%2F4jdmJAWngaRHe8fovusIk2%2BN3HshSYP14xIb0%2FEDblHfCPUpL2fDP3AuyiDdzmaW1aZ6VrnHsEWvUIRKdyrk766dEXGp8%2BYqFf4qaBdbxVPw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76d816c3cfc9b523-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14955
Expires: Mon, 21 Nov 2022 12:44:09 GMT
Date: Mon, 21 Nov 2022 08:34:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2061bb5a62c7dbe5a39e49a98bf7d214
812ff4923fc0fa69fa7db7c362d5af728e297099
6f0c1ecd37ba47802a386c487e3c2eb1794a06e8b9f56e016326686e3d80ef92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3504
Cache-Control: max-age=96894
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:54 GMT
Etag: "637a01fc-1d7"
Expires: Tue, 22 Nov 2022 11:29:48 GMT
Last-Modified: Sun, 20 Nov 2022 10:31:24 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e7724a1f27dc1b5b2fb63c7e486f74db
ef0ea648ce8bc189d31382baec4b181c724af93b
2a46916079563d95fa6a695104ebf41829ee95a156d6e4d45b9aef7231a8a80e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A46916079563D95FA6A695104EBF41829EE95A156D6E4D45B9AEF7231A8A80E"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14710
Expires: Mon, 21 Nov 2022 12:40:05 GMT
Date: Mon, 21 Nov 2022 08:34:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 21 Nov 2022 07:45:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2972
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YCE0vhnrK03OWBykrFL1FdKCCnFuCEc9bXrPT2oCpD9EC43CXhiTu2gYU97KmbZcbT3NaYtPtmo=
x-amz-request-id: KC99VSPYZ0CZ4K1T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 21 Nov 2022 07:39:03 GMT
age: 3352
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4fe3c40e2fcc49fdca1882abace71e2b
795a577447739d1e5d6ce53b5ec271721a780626
e976aee16147707f9d800b50ab5d092d2425ecea94eb135cd3f478ab494ab42f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2147
Cache-Control: max-age=110276
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:55 GMT
Etag: "637a3b90-117"
Expires: Tue, 22 Nov 2022 15:12:51 GMT
Last-Modified: Sun, 20 Nov 2022 14:37:04 GMT
Server: ECS (amb/6B9D)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4fe3c40e2fcc49fdca1882abace71e2b
795a577447739d1e5d6ce53b5ec271721a780626
e976aee16147707f9d800b50ab5d092d2425ecea94eb135cd3f478ab494ab42f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2147
Cache-Control: max-age=110276
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:55 GMT
Etag: "637a3b90-117"
Expires: Tue, 22 Nov 2022 15:12:51 GMT
Last-Modified: Sun, 20 Nov 2022 14:37:04 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
www.dramacool9.co/
104.21.51.232301 Moved Permanently 0 B IP 104.21.51.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.dramacool9.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 21 Nov 2022 08:34:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 21 Nov 2022 09:34:55 GMT
Location: https://www.dramacool9.co/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfmwvOlpWvPrb9C9HA4UBhYKkpFF6ncRHq57SmiC1RvC6AVFzXmTs%2Br%2Bde4fHiWPe2t1N8dZ61PS2MjE%2FC%2BRO4XNCDZ9ObSycdmh%2Fi7MaQ8XLVe3lQxgVR%2FlQ0YMKswrWNeClA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76d816c6dc24b527-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 21 Nov 2022 08:25:04 GMT
cache-control: public,max-age=3600
age: 591
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 12 kB IP 93.184.220.29:0
Hash eda87ba27bb25f1544d079cc8892d905
9f98a629206fe3f45725bd44732950c9da2f0541
d83f1140cd2dbb1e6d934402d328d36a619077bb3f57b4c5168b1a149fb89f1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4262
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:55 GMT
Last-Modified: Mon, 21 Nov 2022 07:23:53 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0387a44e9986d98fc1e2d881abd66da1
5a57c17830d9f63c314e91e890454d46a0f26f86
8941fe7c144c95fb658ddc677fd6af1470aa5894df0feaf468039e512e35e247
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4262
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:55 GMT
Last-Modified: Mon, 21 Nov 2022 07:23:53 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1
104.17.24.14200 OK 1.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1
IP 104.17.24.14:0
File type ASCII text, with very long lines (3309)
Hash edf1dd25b1ab3d24fbf2444b4061838c
e59cb30ed49d56313ee1f770f6784f5faaa1199f
c31915d8a610a15ca29180348abb37bdaff9d8bde76f13c0e78bc841e633c06e
GET /ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js?ver=1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 1120
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-d35"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1607770
expires: Sat, 11 Nov 2023 08:34:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMuB9FFNpXPGL0nSoaUa4Si0Q51HoX7krcYVTfXLs%2BrOHX1BxzVKryqFSgLFlLLdYO6HGo8Y3ZtOb%2BaluOA%2B1MiEefPyYUM9vHoMUMB34If6YFLmBsruKXCuLyvyQ7xRYYWYdTMg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d816ca3bbab4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0387a44e9986d98fc1e2d881abd66da1
5a57c17830d9f63c314e91e890454d46a0f26f86
8941fe7c144c95fb658ddc677fd6af1470aa5894df0feaf468039e512e35e247
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4262
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:55 GMT
Last-Modified: Mon, 21 Nov 2022 07:23:53 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0387a44e9986d98fc1e2d881abd66da1
5a57c17830d9f63c314e91e890454d46a0f26f86
8941fe7c144c95fb658ddc677fd6af1470aa5894df0feaf468039e512e35e247
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4262
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:55 GMT
Last-Modified: Mon, 21 Nov 2022 07:23:53 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 27138f8625c320bd1434ccd92263b641
6a8f18728c9f324c1c631ffc85901d84ec4d0e0c
02338368cfa2325e8463bd169cb0ad4df2967ca4260b75bc665cd0836e90e9f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6029
Cache-Control: max-age=94347
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:55 GMT
Etag: "6379ee2d-1d7"
Expires: Tue, 22 Nov 2022 10:47:22 GMT
Last-Modified: Sun, 20 Nov 2022 09:06:53 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2da59c4a9be4f0dc74fbbf22e88a9b80
a10e268ad97c13e283fff7111910b7ad6b2fb13f
c30830d604a72b45aa1e021906348c8c0b54625e1faa93cc84e8caca7fb4bf38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C30830D604A72B45AA1E021906348C8C0B54625E1FAA93CC84E8CACA7FB4BF38"
Last-Modified: Mon, 21 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14246
Expires: Mon, 21 Nov 2022 12:32:21 GMT
Date: Mon, 21 Nov 2022 08:34:55 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 662c6190c63609f87a23660fc808a650
a4178dd92d6f8a4f7c4da846a08d4104575f3636
93a8fd2af027f09640a8f5c3e2f10603d8b7aff4c74bc274cdbea7deeb396f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 017ae7e427ed0373c987ed87d19b9c66
7c4d638cb232e0daee41365ede5cd947c4f40097
0dab204ddfd89857e7909be8fe6b1479641d50cabbc1799cc867867cdfc4b486
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DAB204DDFD89857E7909BE8FE6B1479641D50CABBC1799CC867867CDFC4B486"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3949
Expires: Mon, 21 Nov 2022 09:40:44 GMT
Date: Mon, 21 Nov 2022 08:34:55 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-131447009-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-131447009-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash cf712c65b03c7979650dfb9d99e0ce6e
cc2386965369baddec6da11b2b446f672c2f1580
2411e927a38c729b1fd33d55d68df935eba50b99ce58acd3fc26e19fe63bfff8
GET /gtag/js?id=UA-131447009-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 21 Nov 2022 08:34:55 GMT
expires: Mon, 21 Nov 2022 08:34:55 GMT
cache-control: private, max-age=900
last-modified: Mon, 21 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cenaclesuccoth.com/1clkn/16782
172.255.6.237200 OK 26 B URL HTTP/1.1 cenaclesuccoth.com/1clkn/16782
IP 172.255.6.237:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/16782 HTTP/1.1
Host: cenaclesuccoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Nov 2022 08:34:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 22-Nov-2022 08:34:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Tue, 22-Nov-2022 08:34:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 832 B IP 142.250.74.3:0
Hash c45c4b18d9414f7d3fefeaa1e8cd3563
9370edac2f2cb6a0ca4b7f05d24bbbe29fbbb787
8c9c92e32d9f04f8542ca9a5f7f4021cb044668896f2839e7db0784bfc12586c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.purpleads.io/agent.js?publisherId=b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
143.204.55.90200 OK 14 kB URL HTTP/2 cdn.purpleads.io/agent.js?publisherId=b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
IP 143.204.55.90:0
File type Unicode text, UTF-8 text, with very long lines (54845), with no line terminators
Hash 9360b022880c529475cb4f1bb530d520
26992e6a7b2f816dd16db03d7c8f450c1c3bc8d0
2611080441a0294526ad22cbcb98974d92c1970d001d6bb2fb7b2d55be77071a
GET /agent.js?publisherId=b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 13472
last-modified: Thu, 17 Nov 2022 10:44:18 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Nov 2022 10:44:23 GMT
etag: "9360b022880c529475cb4f1bb530d520"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vTZkIbHXMsb7T3LR1PKTG_s4cFhM20Io0SQ1D1vnGRSMC5OSZ9EA_w==
age: 78633
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=3133&uuid=96abc54c7f3e400fb3928d092bed0bfb&p=61&g=NO&token=4a44335432&tbg=1669019695
104.26.3.107200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=3133&uuid=96abc54c7f3e400fb3928d092bed0bfb&p=61&g=NO&token=4a44335432&tbg=1669019695
IP 104.26.3.107:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=3133&uuid=96abc54c7f3e400fb3928d092bed0bfb&p=61&g=NO&token=4a44335432&tbg=1669019695 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbT0qN99122%2FrlH%2FiCxTDQm37IIEVCGU5NgQK%2F2GesEXzOvJh3WZglbe2CWqqgfuQh1tcN7qxMxSPIjC50pWSHL8K6OxeNab%2BZLZHlM6dygLbBFPr%2FNdNWkgLIrHPvkq5pU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d816cb5a32b51d-OSL
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6833&uuid=34435166c425404d86e06b3dae7f64a4&p=47&g=NO&token=4a44335432&tbg=1669019695
104.26.3.107200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6833&uuid=34435166c425404d86e06b3dae7f64a4&p=47&g=NO&token=4a44335432&tbg=1669019695
IP 104.26.3.107:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6833&uuid=34435166c425404d86e06b3dae7f64a4&p=47&g=NO&token=4a44335432&tbg=1669019695 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4ICPio3J%2BwHYW8kFXZddRC3unGqQBpb%2Fm2GSDRXHH66nETphRiaVB9oo%2Fglj7xyOO7A8ogJmjCwRbxNLZ%2BWp9ac5Fd4DT0PnP4ISdVGnckA63bQd4jRdz%2BOEEHSmFPfFCw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d816cb5a35b51d-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PUdRm/RWLIsykYfDeYAe3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jTyIkIWXqCXk0X+RAgqvC260DIo=
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Mon, 21 Nov 2022 08:39:56 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 265d64e2c889af56fb8876900da07a9f
b5fa22d710fc3abc06f15462870a6892b3b64d93
09d60a815c240aae9c88bec76294536ad67ee8b519d798909ea82ba800b9b8cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09D60A815C240AAE9C88BEC76294536AD67EE8B519D798909EA82BA800B9B8CC"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3792
Expires: Mon, 21 Nov 2022 09:38:08 GMT
Date: Mon, 21 Nov 2022 08:34:56 GMT
Connection: keep-alive
cdn.purpleads.io/agent.js?publisherId=b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
143.204.55.90304 Not Modified 0 B URL HTTP/2 cdn.purpleads.io/agent.js?publisherId=b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
IP 143.204.55.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /agent.js?publisherId=b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 17 Nov 2022 10:44:18 GMT
If-None-Match: "9360b022880c529475cb4f1bb530d520"
TE: trailers
HTTP/2 304 Not Modified
last-modified: Thu, 17 Nov 2022 10:44:18 GMT
server: AmazonS3
date: Sun, 20 Nov 2022 10:44:23 GMT
etag: "9360b022880c529475cb4f1bb530d520"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4Cvy9HEcF6uBbcFzgi4NG4QsjL3ynNmcNT0XXP0OWgNy5KMPJmamQw==
age: 78634
X-Firefox-Spdy: h2
imp-dsp.bidgear.com/rec?viewId=NNDoXVBnrUlgUwqnAwgnYE0G2USTsJWuHlIGhlVg8RYOYacXgi0iv13neYCh7U1WWYiGSaSAfANDVdiB001GB000GZ2Qed2I7IVaadsFd8GB001GVovSlzGJWCDzqLLuRl71KpT1K48RgFOyF5gB001G1nd2EX7B001GU9MU8dOWlNcJgR5E4eAusOUzmX0FZX6gk7PCpS2V5r7odKAG5t0uT2lIyBkZ9RI4dQs0txZnZZP5NkIw0IyvnwqWTphpzyPK0zFhGtaBB001Gbj5Bty5jtw4CgB002GB002G&token=ba80ee8a06&time=1669019695
104.26.3.107200 OK 1 B URL HTTP/2 imp-dsp.bidgear.com/rec?viewId=NNDoXVBnrUlgUwqnAwgnYE0G2USTsJWuHlIGhlVg8RYOYacXgi0iv13neYCh7U1WWYiGSaSAfANDVdiB001GB000GZ2Qed2I7IVaadsFd8GB001GVovSlzGJWCDzqLLuRl71KpT1K48RgFOyF5gB001G1nd2EX7B001GU9MU8dOWlNcJgR5E4eAusOUzmX0FZX6gk7PCpS2V5r7odKAG5t0uT2lIyBkZ9RI4dQs0txZnZZP5NkIw0IyvnwqWTphpzyPK0zFhGtaBB001Gbj5Bty5jtw4CgB002GB002G&token=ba80ee8a06&time=1669019695
IP 104.26.3.107:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /rec?viewId=NNDoXVBnrUlgUwqnAwgnYE0G2USTsJWuHlIGhlVg8RYOYacXgi0iv13neYCh7U1WWYiGSaSAfANDVdiB001GB000GZ2Qed2I7IVaadsFd8GB001GVovSlzGJWCDzqLLuRl71KpT1K48RgFOyF5gB001G1nd2EX7B001GU9MU8dOWlNcJgR5E4eAusOUzmX0FZX6gk7PCpS2V5r7odKAG5t0uT2lIyBkZ9RI4dQs0txZnZZP5NkIw0IyvnwqWTphpzyPK0zFhGtaBB001Gbj5Bty5jtw4CgB002GB002G&token=ba80ee8a06&time=1669019695 HTTP/1.1
Host: imp-dsp.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: text/plain; charset=utf-8
content-length: 1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7qYvdlEYxw2uV%2Bq8T0vC9LVua6GHrw7OwaenMZlrYDwu58VkAOPDUSmVZyfWOSHxj6N1QbK3Q9Y6ehhfRwG3p7DCdtWUcTNq1QYuPi5vqTuJ5F70j6JXcSN87rGwBYIYOpNhHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d816cc8c00b51d-OSL
X-Firefox-Spdy: h2
cdn.purpleads.io/video-agent.js?publisherId=e870d9c685526361f0dfe0dbe722da83:78486cdd6d81b9a12ffc06178d32ba7ebbe9fa8e26f91bcddf2adadd02adf65ae34cdfe77754097fa2c7d26474961f11c0299b6f98c1e66eacc3320c8202d711
143.204.55.90200 OK 15 kB URL HTTP/2 cdn.purpleads.io/video-agent.js?publisherId=e870d9c685526361f0dfe0dbe722da83:78486cdd6d81b9a12ffc06178d32ba7ebbe9fa8e26f91bcddf2adadd02adf65ae34cdfe77754097fa2c7d26474961f11c0299b6f98c1e66eacc3320c8202d711
IP 143.204.55.90:0
File type Unicode text, UTF-8 text, with very long lines (42551), with no line terminators
Hash 93d6d567d3d71c464502ac6000c6239f
7076ba75e66fb77d2158f1f77761e30077a39632
0e5def7db40692c71b4ac85bdea787d72fd94b84d437fd6ab1dfc0f16bf3745e
GET /video-agent.js?publisherId=e870d9c685526361f0dfe0dbe722da83:78486cdd6d81b9a12ffc06178d32ba7ebbe9fa8e26f91bcddf2adadd02adf65ae34cdfe77754097fa2c7d26474961f11c0299b6f98c1e66eacc3320c8202d711 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 14876
last-modified: Wed, 16 Nov 2022 14:12:22 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Nov 2022 10:44:24 GMT
etag: "93d6d567d3d71c464502ac6000c6239f"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iyzakkodtKYLYbrAa54-A1jYErQrMDMjIzEAwpQ8yVSd25rZ_ILppw==
age: 78633
X-Firefox-Spdy: h2
pixel-dsp.bidgear.com/rec?t=1366&p=1&l1=3272&l2=19737&d1=3187&d2=3188&b=3124&token=ba80ee8a06&time=1669019695
104.26.3.107200 OK 1 B URL HTTP/2 pixel-dsp.bidgear.com/rec?t=1366&p=1&l1=3272&l2=19737&d1=3187&d2=3188&b=3124&token=ba80ee8a06&time=1669019695
IP 104.26.3.107:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /rec?t=1366&p=1&l1=3272&l2=19737&d1=3187&d2=3188&b=3124&token=ba80ee8a06&time=1669019695 HTTP/1.1
Host: pixel-dsp.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: text/plain; charset=utf-8
content-length: 1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpNTvicD3mgRxW38Rim19Onraf6tC0mw8qLWg3o6lhc%2Bnf9M5Ok%2BvYAFWgDJFgcFfYQ7u2l8DwUM5P2XctTQj1OBPTDKmSkPuUhh3WzVhkYAcOidK64BwNcL3RcVc%2B%2Faw1t%2BFSy2vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d816ccbc38b51d-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6f4097e98f1030cc293aae7af90b462a
3a2336082b2fc2283a35ddf60a4f0f3879d66726
2858c726f1b6097962452414681e4ff114149b026ff230b6b5a9b163da769781
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2858C726F1B6097962452414681E4FF114149B026FF230B6B5A9B163DA769781"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=953
Expires: Mon, 21 Nov 2022 08:50:49 GMT
Date: Mon, 21 Nov 2022 08:34:56 GMT
Connection: keep-alive
js.wpadmngr.com/static/adManager.js
45.133.44.24200 OK 72 kB URL HTTP/2 js.wpadmngr.com/static/adManager.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash b8e63c5909f92c90abbba3975c4a6b1c
e4f7e4122e53908ef24114a71a161a912c229c4a
5ad6bfdc8c1bb6b2418eb39054b1e4fb88b97b9ea0166633dc04837aa1e5574c
GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:55 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
etag: W/"62ce6b94-4e2"
content-encoding: gzip
expires: Mon, 21 Nov 2022 08:39:55 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=5787&uuid=46c9685994544250b7ed71631cc9c8cc&p=61&g=NO&token=4a44335432&tbg=1669019695
104.26.3.107200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=5787&uuid=46c9685994544250b7ed71631cc9c8cc&p=61&g=NO&token=4a44335432&tbg=1669019695
IP 104.26.3.107:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=5787&uuid=46c9685994544250b7ed71631cc9c8cc&p=61&g=NO&token=4a44335432&tbg=1669019695 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKmcrBQukf8GLpgVKTt7eV6lwsl%2B7MFt6%2BcWldktk583QiPWHvK%2BIHzFW9ZdLQD60wnFaYwTJYe8guUKC7N2WFLFBJFe0CE9T6qqy1Z8Id1W%2BUYbIffb1qJOMdfTeUu2bN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d816cd3cadb51d-OSL
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=7307&uuid=277abb338dc7488a92e34bf3851fc59c&p=17&g=NO&token=4a44335432&tbg=1669019695
104.26.3.107200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=7307&uuid=277abb338dc7488a92e34bf3851fc59c&p=17&g=NO&token=4a44335432&tbg=1669019695
IP 104.26.3.107:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=7307&uuid=277abb338dc7488a92e34bf3851fc59c&p=17&g=NO&token=4a44335432&tbg=1669019695 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QOZEL0ZjgA77By5wgi42%2Fu4hJeYFXGqwrX%2FcWn%2BasjvIuTLT3%2BF%2FC0u7LS59xmUI3KiWWUlLaKGl2lwxlC9xO0IQRgSgzRT%2Fx%2FwXO5Pnvbu1iXeF5TI8AmXQteBXmdV%2BtA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d816cd4cc6b51d-OSL
X-Firefox-Spdy: h2
tags.h12-media.com/load2.js
154.51.131.141200 OK 98 kB URL HTTP/2 tags.h12-media.com/load2.js
IP 154.51.131.141:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 23a5f46fa4ce325c30a3be4a2aef0c01
ca5893e62be0bce6884ec6ba96ea657b3724dff4
3ca6aee82460751181b5037387ed29a0316eaa3cefb66262be18497fbb64fb31
GET /load2.js HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 20:29:09 GMT
accept-ranges: bytes
etag: "86b5363fc3fad81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Mon, 21 Nov 2022 08:34:55 GMT
content-length: 98011
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1669019696054
52.204.242.76200 OK 68 B URL HTTP/2 api.purpleads.io/x/init?ts=1669019696054
IP 52.204.242.76:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f28248b8cdef8ef9e4181ef6e9b11742
3e6e5226ddedd8a23980cbec45ddc657e7714f65
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a
OPTIONS /x/init?ts=1669019696054 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: b1353bb6-8106-4aa1-8a82-7ddc781cc379
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=2e567e935d0840a1a3143e1db1b91859&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=d2e26db6-2785-4b6b-9c06-ba695637d995&ts=1669019696351
52.204.242.76200 OK 14 kB URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=2e567e935d0840a1a3143e1db1b91859&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=d2e26db6-2785-4b6b-9c06-ba695637d995&ts=1669019696351
IP 52.204.242.76:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 180x220, components 3\012- data
Hash fe0598c50266dadb15b0e85572ea7cd5
63d43cd1648ca3fc0d9bd37a346ee5e47f8f4d34
a256db57f9a292e1df99bb0355a595fd768a454b645c1c405667ce2116173143
OPTIONS /x/b/?idx=0&pid=2e567e935d0840a1a3143e1db1b91859&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=d2e26db6-2785-4b6b-9c06-ba695637d995&ts=1669019696351 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 6c23f8af-ede6-4293-af0a-8163e523097d
X-Firefox-Spdy: h2
na.nawpush.com/tags/20140?version_name=d
45.133.44.24200 OK 19 kB URL HTTP/2 na.nawpush.com/tags/20140?version_name=d
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash 868739bef685e1d30ffb382c86da85e2
f802c2b97cc2d5aef642f033e13d5f09d09abc46
c1151366b18e97916686c5b99d7dc3477f86af726923efc580285a8ce213caac
GET /tags/20140?version_name=d HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
205.185.216.10200 OK 86 kB URL HTTP/2 cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (65020)
Hash 700d1de734b4979c4c3059b613e9d7b1
0a7d2ad10cba258cfc2e0376240852a4ae5f4012
2031fbefbf1b070dcf0ebb746438e628fdd59c7daac6952000ef9056b7294eb6
GET /prebid-video-7.22.0-2022-10-26.gz.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-encoding: gzip
content-length: 86507
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 13:24:00 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "700d1de734b4979c4c3059b613e9d7b1"
cache-control: max-age=31536000
x-amz-request-id: tx0000000000001178867eb-00635934f6-34c6886a-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1669019696.dop009.sk1.t,1669019696.cds066.sk1.hn,1669019696.cds218.sk1.c
X-Firefox-Spdy: h2
goomaphy.com/401/5287605
139.45.197.239200 OK 44 kB IP 139.45.197.239:0
Hash 98c76c82f5ccbc56de0faa17cc1920f6
556c94255316eafdc9763eeb07a174408a33904a
816911ebcc71bdbe12d12b0dd0e4a6c048f4a55ea5fb0ed1d578c7a3b4b352fa
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5287605 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: application/javascript
x-trace-id: 3f20b94659d86aba012c36bda1bd8ef4
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=233ae0984a67488faa9b1c80b44ea675; expires=Tue, 21 Nov 2023 08:34:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e1fee52baa5c11a94459c67d8fe93ef4
e57ee1ce391b4daf4a0d059c45a090b9c6b5354a
406a94e764b73c626b2b63784b0cb1a0de086c014c1e4add434c4558a8ce5114
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4278
Cache-Control: max-age=89716
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:56 GMT
Etag: "6379e2ee-117"
Expires: Tue, 22 Nov 2022 09:30:12 GMT
Last-Modified: Sun, 20 Nov 2022 08:18:54 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5214593d139c0355855a0f8d90f498c
e24b6d98ef7529bcdc2235a977f2b956b79bccc4
15dbb12c3b2dcc23b4a4cb5f9ba20f2a607218eb13cf0016d951bfe954870bf2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15DBB12C3B2DCC23B4A4CB5F9BA20F2A607218EB13CF0016D951BFE954870BF2"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17826
Expires: Mon, 21 Nov 2022 13:32:02 GMT
Date: Mon, 21 Nov 2022 08:34:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e1fee52baa5c11a94459c67d8fe93ef4
e57ee1ce391b4daf4a0d059c45a090b9c6b5354a
406a94e764b73c626b2b63784b0cb1a0de086c014c1e4add434c4558a8ce5114
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6122
Cache-Control: max-age=91560
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:56 GMT
Etag: "6379e2ee-117"
Expires: Tue, 22 Nov 2022 10:00:56 GMT
Last-Modified: Sun, 20 Nov 2022 08:18:54 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4107b19215c83f4626d7858df84484b3
f999d548da2fc5aa72090afd07d37f6b07d66f60
d489af1e8234442d7ddee3bb76eb47676826cebbf91436d82969e8337661cebc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D489AF1E8234442D7DDEE3BB76EB47676826CEBBF91436D82969E8337661CEBC"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2448
Expires: Mon, 21 Nov 2022 09:15:44 GMT
Date: Mon, 21 Nov 2022 08:34:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eb1a7e8ca9b7432a2d578c55bd4339bb
65b51fabb64d25cf6ec76e6dc13f06438bb99cfc
93698072d5ca076cc4ee07ecc876d0ed8ac1d79c81612c3678edfc4b884d1308
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93698072D5CA076CC4EE07ECC876D0ED8AC1D79C81612C3678EDFC4B884D1308"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17954
Expires: Mon, 21 Nov 2022 13:34:10 GMT
Date: Mon, 21 Nov 2022 08:34:56 GMT
Connection: keep-alive
notification.tubecup.net/tags?tag_id=20140&timezone_olson=UTC&version_name=d
88.198.209.15200 OK 6.9 kB URL HTTP/2 notification.tubecup.net/tags?tag_id=20140&timezone_olson=UTC&version_name=d
IP 88.198.209.15:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (6852), with no line terminators
Hash ca6cfb253bfb5c17f2bf1b0c8f807e06
cc7cc3086029273c7c1906cff83214e57e2ca79b
1f034ecbf88b785feddcbc592787572e7ea1b383c8ca3b26b338acdde544aa6b
GET /tags?tag_id=20140&timezone_olson=UTC&version_name=d HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/json
content-length: 6852
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=20140
157.90.84.242204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=20140
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=20140 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Mon, 21 Nov 2022 08:34:57 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.dramacool9.co
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cdn.uponelectabuzzor.club/1?z=5305455
139.45.197.239200 OK 117 kB URL HTTP/2 cdn.uponelectabuzzor.club/1?z=5305455
IP 139.45.197.239:0
File type ASCII text, with very long lines (47535)
Size 117 kB (117290 bytes)
Hash 6f452c245b514365e545b17d27e66730
68c4de4c12da4c0002be7ed66fb57faaa23c51a5
7d349434d253471c853ad6efaed99a66cbb6631e5fff4d44b107c8ce5ec9e6ca
GET /1?z=5305455 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: de4b87aaae2f632b6e8089ade1e5793b
access-control-expose-headers: X-Sc
x-sc: oAP4dJR2z-2uC4N8_Q96grqebW58d05BTFtm0Hrl3PsdYy5-IBZhJaUOVxObWJDCESpHlRCQQclXdSJgdNCzAfq8MzE=
set-cookie: scm=1; expires=Tue, 21 Nov 2023 08:34:57 GMT; secure; SameSite=None
OAID=7d113af33fa043e8962bd03ee94b0cde; expires=Tue, 21 Nov 2023 08:34:57 GMT; secure; SameSite=None
oaidts=1669019697; expires=Tue, 21 Nov 2023 08:34:57 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=20140
157.90.84.242200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=20140
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=20140 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22286
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 21 Nov 2022 08:34:57 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
Set-Cookie: id=10950374645697960340; Expires=Tue, 21 Nov 2023 08:34:57 GMT; Secure; SameSite=None
Vary: Origin
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4332d0900d3cd53ac42efd0b2eb53a08
ca1769530510d8f90e314d3e38df053b6459af33
98e064dfa98a24096831471fcfeba5650d9a60381e259cea25b2bddd83c416f9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1860
Cache-Control: max-age=161835
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:57 GMT
Etag: "637b0618-116"
Expires: Wed, 23 Nov 2022 05:32:12 GMT
Last-Modified: Mon, 21 Nov 2022 05:01:12 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 71ca5c6b2d858ffb0291e8788bb37dad
0ee2348896a61af0b5ce90bbc1576f67ab821925
0a14e8b3b99d1b96710361139ae2328ccee88634e4d2eaec9a678c91ffa50551
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 00:52:20 GMT
Expires: Mon, 28 Nov 2022 00:52:19 GMT
Etag: "0ee2348896a61af0b5ce90bbc1576f67ab821925"
Cache-Control: max-age=576441,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76d816d37bd1b4ed-OSL
cdn.itskiddien.club/apu.php?zoneid=5290228
139.45.197.236200 OK 29 kB URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5290228
IP 139.45.197.236:0
Hash 226b9088424446c36c9cb27d77245053
e8008b27eb573be29c9c2019d80b5ff5483eee15
84a8889cccdc0759796bb271d445e662c330d8c015a64a4378ed6f4cc5abe9e1
GET /apu.php?zoneid=5290228 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/javascript
x-trace-id: db530d3dd3f35079fe19f47b2aa56d10
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=e79070da693746c58dace899eb8a4e1f; expires=Tue, 21 Nov 2023 08:34:57 GMT; path=/; secure; SameSite=None
oaidts=1669019697; expires=Tue, 21 Nov 2023 08:34:57 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d9fc305a152b948877a19e64f07e9904
0a6f467107ca0284e5d9c7a89e2431b3709b41ae
b0ffff086e960ab6a18ec015d70ccb6d1259aee22ceadda17ad465e1253756aa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 06:25:22 GMT
Expires: Mon, 28 Nov 2022 06:25:21 GMT
Etag: "0a6f467107ca0284e5d9c7a89e2431b3709b41ae"
Cache-Control: max-age=596423,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76d816d3490fb51b-OSL
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash d4103e2078946a8b126e08a12e5a51b6
55ad5eae83885058d3dfae31a3a122c2680ffb46
f6a0ae777ad7b66b49ee63f0ba68933050b04542fe5cf4454d6330c65cf07431
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f3baf22a23a34308a2e48fd0c364e5ac; expires=Tue, 21 Nov 2023 08:34:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4332d0900d3cd53ac42efd0b2eb53a08
ca1769530510d8f90e314d3e38df053b6459af33
98e064dfa98a24096831471fcfeba5650d9a60381e259cea25b2bddd83c416f9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6065
Cache-Control: max-age=166040
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:57 GMT
Etag: "637b0618-116"
Expires: Wed, 23 Nov 2022 06:42:17 GMT
Last-Modified: Mon, 21 Nov 2022 05:01:12 GMT
Server: ECS (amb/6B85)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0e3d42e9a524b259507c43e1fcb4265a
084cae2419d37e55f21d747f02627d3d190f138b
2029a453a1a6adfbcdc8b9f08f5bc1f08a57e4007c626cf7f4e8ad56611f7573
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6049
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:57 GMT
Etag: "6379deb8-117"
Last-Modified: Mon, 21 Nov 2022 06:54:08 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15046
Expires: Mon, 21 Nov 2022 12:45:43 GMT
Date: Mon, 21 Nov 2022 08:34:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15046
Expires: Mon, 21 Nov 2022 12:45:43 GMT
Date: Mon, 21 Nov 2022 08:34:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9e0f5c07511d0f6ad0f2441db92797d
2dcc6187d7173ce741975ad4ec24435c9dcb0880
3c57bf58bab9d54dd152eb0260a203b1cb201a9e2d960f25a0cea685b539ea04
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5342
x-amzn-requestid: e396cea4-ddae-4b88-a73a-ceafb1e11620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0b91EMLoAMFYYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63780d25-7f1187713f288a0c158508ea;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 22:54:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: PkFAourr7ixQ5NYcdMugerMxFTdCLgIAaBz6erANuppgzE2Tm4yVpA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:55:58 GMT
age: 38339
etag: "2dcc6187d7173ce741975ad4ec24435c9dcb0880"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15046
Expires: Mon, 21 Nov 2022 12:45:43 GMT
Date: Mon, 21 Nov 2022 08:34:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15046
Expires: Mon, 21 Nov 2022 12:45:43 GMT
Date: Mon, 21 Nov 2022 08:34:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131cae0245e456c2497833b48cc1be0e
01b7bf2cfcdac73911dbd0a570d262978a43daf1
539cc2fdefb049df026b18d450c56d85b7821b8723ea0070efa460096669576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7996
x-amzn-requestid: af3a6545-f0ad-40de-b1f6-56b9607242f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1BvREKZoAMFzDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63784994-2659c8ec5fc04c510ea0e643;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 03:12:20 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: UU9m-kzHM4oKCHNiK2q4NWftsCueXeiBpJkk0cDv3et4v3MpF6eCtQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 13:08:40 GMT
age: 69977
etag: "01b7bf2cfcdac73911dbd0a570d262978a43daf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: nirP6BxhN9QUwG2Z_RdA5pCRm36dQKCJMPZMIBRCjt39dQueZh094g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 09:31:47 GMT
age: 82990
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b49d97cae29aeb3468953c397e82f247
8c31f568adcc1b4d9749c1d41c4c163e28cbd750
d2623a6ce5e3b792c0a24e0eebdfbc8129c2a870439656c37b17ca02ed8bdcc8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2623A6CE5E3B792C0A24E0EEBDFBC8129C2A870439656C37B17CA02ED8BDCC8"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2477
Expires: Mon, 21 Nov 2022 09:16:14 GMT
Date: Mon, 21 Nov 2022 08:34:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb887a886-c144-47cc-bd88-c20180fd79ee.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb887a886-c144-47cc-bd88-c20180fd79ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379503256d42092f53620f3abfc69438
621d80219a8fbb23ee32a69b2d61d280b22a59a9
398a4b899de52101bbb532634bead90cf489efc7d42a1523f2eaf23f02e27482
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb887a886-c144-47cc-bd88-c20180fd79ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12264
x-amzn-requestid: b9ad0edd-ce99-4314-add0-2d394c9d9d97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b61qmEZeoAMFviQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637a9caa-79e45df94fed4bca0b499a67;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 21:31:22 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: pSwJtINqonB9NUrDofUi9RnVgsDkXPOhtq3g3O1hDcub5_wxsDCDRA==
via: 1.1 2ecd59b4298afe9d7bb9266870458a74.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:55:22 GMT
age: 38375
etag: "621d80219a8fbb23ee32a69b2d61d280b22a59a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 21 Nov 2022 06:41:09 GMT
expires: Mon, 21 Nov 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 6828
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc4c1abc-3872-4c83-8aa1-1567c50e3925.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc4c1abc-3872-4c83-8aa1-1567c50e3925.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e638957bdf77d8602fce86edbb2e9689
847d3be0fead43e8826f4aa8d98d787d8a2bfecc
903b543712fbbcb79e65115fc9573c4578fb1811ea623ad77890794736f9e225
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc4c1abc-3872-4c83-8aa1-1567c50e3925.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14563
x-amzn-requestid: 5e99f7c5-4aef-495f-8621-5b07c7512586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bkiY3EmZIAMF4Rw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b105-5a98f8c9324ce0aa2db4bc96;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:07:49 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: nnzULBXYiCYS-EaFjsnF1blZ60CmqR-eENdxMSmaMpsuZqoYkwluuQ==
via: 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 07:53:03 GMT
age: 2514
etag: "847d3be0fead43e8826f4aa8d98d787d8a2bfecc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96135f96986369533c0362367c1e6fd8
bc8b0612b79cb30817880fac9728318f837854b4
f4eab133baf21daae8b809966e8ffbe64a2414fd334538a226a2a39ab39c3d46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5045
x-amzn-requestid: a1d93586-2973-4156-8b59-a4be8bfb8cc4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b6x2zF6YoAMFazQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637a9691-7c6f10a850f8cbaa3065e39a;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 21:05:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8DDV0ZMws_Ta7xMvRiefhpDx6TuAynkYB-rX0KWpLtqq8HaW3Le0rA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:50:48 GMT
age: 38649
etag: "bc8b0612b79cb30817880fac9728318f837854b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
172.67.75.241304 Not Modified 0 B URL HTTP/2 script.4dex.io/localstore.js
IP 172.67.75.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 21 Oct 2022 15:24:42 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 21 Nov 2022 08:34:57 GMT
x-amz-id-2: tx36ec54edbeb74121a0ef5-006352b9e9
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
etag: "922cffdd75f7192f75231d92684885aa"
cache-control: public, max-age=1800
x-amz-version-id: 1666365882701197
x-amz-request-id: tx36ec54edbeb74121a0ef5-006352b9e9
cf-cache-status: HIT
age: 2653767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36jI4vA%2B1RtGrCUrBtAF0tCZlHbyuuntv%2BS6b2A9NfWm%2FGU8fAt%2FfSh620HRqm1d4e%2BNyAq38OBb3j2hqfWU326Z%2FSzO4PRG5NFNYqIVBZ191tD0MaD62rde6pkNiuLy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d816d5dce40b39-OSL
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 866
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: max-age=0, private, must-revalidate
date: Mon, 21 Nov 2022 08:34:57 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8796b1bba5e0df458c07179adea64173
b3c3f64718de099805a200e156774ea356a08132
ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4e0070c6c3b1639d65ea578b7ac50061
7778b80a7701591c9c018040360ae465aa3d5ed7
bf95c2a7d825a5166bbaba8139cb2c56126b420a362ad6242659f096a24416fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4235
Cache-Control: max-age=154499
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:57 GMT
Etag: "637ae029-1d7"
Expires: Wed, 23 Nov 2022 03:29:56 GMT
Last-Modified: Mon, 21 Nov 2022 02:19:21 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a23d14e29a03340350eedf7deeb335be
34645a7b8af30e7e80820ccf7d3e12ae2c562c81
10aac9bb1946b24c335f10fbe1c0a83c10ed95a6503d97a5eb510107214741e5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 20 Nov 2022 04:30:34 GMT
Expires: Sun, 27 Nov 2022 04:30:33 GMT
Etag: "34645a7b8af30e7e80820ccf7d3e12ae2c562c81"
Cache-Control: max-age=503135,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76d816d5bec9b4ed-OSL
ib.adnxs.com/ut/v3/prebid
37.252.171.85200 OK 140 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.85:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6e77e42242a0d77855c995c4b6b4f64f
34947d374eb564439b981dacc980a5a9b85744d3
72037741d92e7b00f89fc5dfbbac5d69bd5a3c22ff439d7167a2e030b9d4f81e
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 618
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:34:57 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 140
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
AN-X-Request-Uuid: 9164f4c0-4c0e-4fd0-930b-7cbd1bcb24c9
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8f2627ee72962cbf6d68772fdad9479c
453e92b60f1ad0487d7c1f90621e419c59dfacf7
e8e1991fd005876fa0a585f91c939adfc0f5a91c1a7ce8a06242362b7a896102
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3807
Cache-Control: max-age=153691
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:57 GMT
Etag: "637adead-1d7"
Expires: Wed, 23 Nov 2022 03:16:28 GMT
Last-Modified: Mon, 21 Nov 2022 02:13:01 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 826
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: max-age=0, private, must-revalidate
date: Mon, 21 Nov 2022 08:34:57 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
172.67.75.241304 Not Modified 0 B IP 172.67.75.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 21 Oct 2022 15:24:42 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 21 Nov 2022 08:34:57 GMT
access-control-allow-headers: Authorization
access-control-max-age: 3000
x-amz-id-2: tx78dfa5b3d7f6402288d27-006352b9ec
access-control-allow-credentials: true
x-amz-request-id: tx78dfa5b3d7f6402288d27-006352b9ec
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
etag: "c56b6332dacf72f135afcd153ae22448"
cache-control: public, max-age=1800
x-amz-version-id: 1666365881812584
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: HIT
age: 2269615
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PJLkteq3pzpZQnJ%2BPi1d%2BSAnrduWmzAw2FQ1%2Fu2URZvIDyqgBxGRrSLSTOTqoJ2JwYgqVseiThCxY8jMLYTaAEP4r%2Bu%2BUtiM3OR8%2FckQE6aRcUamW2t4kcFwNVBROgx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d816d64d550b39-OSL
X-Firefox-Spdy: h2
b1h-euc1.zemanta.com/api/bidder/prebid/bid/
213.227.153.221204 No Content 0 B URL HTTP/1.1 b1h-euc1.zemanta.com/api/bidder/prebid/bid/
IP 213.227.153.221:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/bidder/prebid/bid/ HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 483
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
ib.adnxs.com/ut/v3/prebid
37.252.171.85200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.85:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a90b72005fa56d3403b52b5b4e26cde6
dee8737f8b081f9f2564b364aa41012794839782
4b69bd8607b6110381f66c756c043f79077085bcf67e0b423579d10e7d627132
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 563
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:34:57 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
AN-X-Request-Uuid: ec8f7506-be90-41d1-b1fa-fde8c2cb2fea
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash abf9e091773153443e2599f978bfd9c4
e5d5202f72eec48b0d3343bf66bd313a44e7352e
fd6bfe2b100fdd3584850c1df037736d8fd510e43a1f84fbd6c3646e0b48f6d6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108850
Date: Mon, 21 Nov 2022 08:34:57 GMT
Etag: "637a252e-1d7"
Expires: Tue, 22 Nov 2022 14:49:07 GMT
Last-Modified: Sun, 20 Nov 2022 13:01:34 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FkQRD1JdkiYr3NNuo2hRdgubepsqBVf8uq3HDAK_Rwi2itH2yN9apQ==
Age: 6453
b1h-euc1.zemanta.com/api/bidder/prebid/bid/
213.227.153.221204 No Content 0 B URL HTTP/1.1 b1h-euc1.zemanta.com/api/bidder/prebid/bid/
IP 213.227.153.221:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/bidder/prebid/bid/ HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 447
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 411
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 21 Nov 2022 08:34:57 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.138200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (2791)
Size 127 kB (126568 bytes)
Hash d298ebea71faa19cd8237ddf8c37d550
628f6436cdc4db74ecda4fad134b4499f41ad4cb
f02e9221a17b677d0aa0b76876bd82931f57bf5dd1ff9aa24a1ab945838b0e64
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126568
date: Mon, 21 Nov 2022 08:34:57 GMT
expires: Mon, 21 Nov 2022 08:34:57 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8796b1bba5e0df458c07179adea64173
b3c3f64718de099805a200e156774ea356a08132
ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 375
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 21 Nov 2022 08:34:57 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 061fb425434ff0cd7aa65ad853b30020
6be6887d8ac0f22d247933f67e09a55efc781215
1062e55e1d331c44672192cb63b5585a727b29cb54e5354341f4bebc5f865e1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1062E55E1D331C44672192CB63B5585A727B29CB54E5354341F4BEBC5F865E1F"
Last-Modified: Sat, 19 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3836
Expires: Mon, 21 Nov 2022 09:38:53 GMT
Date: Mon, 21 Nov 2022 08:34:57 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash abf9e091773153443e2599f978bfd9c4
e5d5202f72eec48b0d3343bf66bd313a44e7352e
fd6bfe2b100fdd3584850c1df037736d8fd510e43a1f84fbd6c3646e0b48f6d6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108768
Date: Mon, 21 Nov 2022 08:34:57 GMT
Etag: "637a252e-1d7"
Expires: Tue, 22 Nov 2022 14:47:45 GMT
Last-Modified: Sun, 20 Nov 2022 13:01:34 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ESLVkX2bMTO_OojtjI-ijBg5V3scZe9P_6qZsQK1le8QhiOtSXH7rA==
Age: 6371
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31fc22ebd7802b7289c5e6a795cf329c
fbd646ec387dab3ba485b8871e97b8ecf6754dd0
04169dd51b35afbfef66b2b8266bf9be024c8d46a57332ad8468835706d72366
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04169DD51B35AFBFEF66B2B8266BF9BE024C8D46A57332AD8468835706D72366"
Last-Modified: Sun, 20 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14290
Expires: Mon, 21 Nov 2022 12:33:07 GMT
Date: Mon, 21 Nov 2022 08:34:57 GMT
Connection: keep-alive
tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F&tmax=3000
3.67.212.83200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F&tmax=3000
IP 3.67.212.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 382
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 35c489643f84dd883dbf3a92a938ee30
4cc67efa6e4dc834cfc96631570341b7887b4bf2
949096e20a93735f243a1e649185754fc8972781fbc48c7122d65c6846d07c87
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113917
Date: Mon, 21 Nov 2022 08:34:57 GMT
Etag: "637a38a1-1d7"
Expires: Tue, 22 Nov 2022 16:13:34 GMT
Last-Modified: Sun, 20 Nov 2022 14:24:33 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -G4094evGul6Cu1MtX6JlQ8rttDCAYWMX2V6nX6Yzr3t-ox_Tu0xhg==
Age: 6541
224aab93ad.14badb5195.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzY2NTM3MzY2MjMyMDg1MzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjIiLCJ0YWdfaWQiOjIwMTQwLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuNjMsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IkRyYW1hY29vbCUyQ0FzaWFuJTJDRHJhbWElMkNNb3ZpZXMlMkNhbmQlMkNLU2hvdyUyQ0VuZ2xpc2glMkNTdWIlMkNpbiUyQ0hEJTJDKDIwMjIpJTJDV2F0Y2glMkNhbmQlMkNkb3dubG9hZCUyQ0tvcmVhbiUyQ2RyYW1hJTJDbW92aWVzJTJDS3Nob3clMkNhbmQlMkNvdGhlciUyQ0FzaWFuJTJDZHJhbWFzJTJDd2l0aCUyQ2VuZ2xpc2glMkNzdWJ0aXRsZXMlMkNvbmxpbmUlMkNmcmVlJTJDRHJhbWFjb29sJTJDZm9yJTJDZXZlcnlvbmUhJTIwIn0=
45.133.44.25200 OK 0 B URL HTTP/2 224aab93ad.14badb5195.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzY2NTM3MzY2MjMyMDg1MzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjIiLCJ0YWdfaWQiOjIwMTQwLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuNjMsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IkRyYW1hY29vbCUyQ0FzaWFuJTJDRHJhbWElMkNNb3ZpZXMlMkNhbmQlMkNLU2hvdyUyQ0VuZ2xpc2glMkNTdWIlMkNpbiUyQ0hEJTJDKDIwMjIpJTJDV2F0Y2glMkNhbmQlMkNkb3dubG9hZCUyQ0tvcmVhbiUyQ2RyYW1hJTJDbW92aWVzJTJDS3Nob3clMkNhbmQlMkNvdGhlciUyQ0FzaWFuJTJDZHJhbWFzJTJDd2l0aCUyQ2VuZ2xpc2glMkNzdWJ0aXRsZXMlMkNvbmxpbmUlMkNmcmVlJTJDRHJhbWFjb29sJTJDZm9yJTJDZXZlcnlvbmUhJTIwIn0=
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzY2NTM3MzY2MjMyMDg1MzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjIiLCJ0YWdfaWQiOjIwMTQwLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuNjMsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IkRyYW1hY29vbCUyQ0FzaWFuJTJDRHJhbWElMkNNb3ZpZXMlMkNhbmQlMkNLU2hvdyUyQ0VuZ2xpc2glMkNTdWIlMkNpbiUyQ0hEJTJDKDIwMjIpJTJDV2F0Y2glMkNhbmQlMkNkb3dubG9hZCUyQ0tvcmVhbiUyQ2RyYW1hJTJDbW92aWVzJTJDS3Nob3clMkNhbmQlMkNvdGhlciUyQ0FzaWFuJTJDZHJhbWFzJTJDd2l0aCUyQ2VuZ2xpc2glMkNzdWJ0aXRsZXMlMkNvbmxpbmUlMkNmcmVlJTJDRHJhbWFjb29sJTJDZm9yJTJDZXZlcnlvbmUhJTIwIn0= HTTP/1.1
Host: 224aab93ad.14badb5195.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:57 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2227138%22%2C%22topurl%22%3A%22https%3A%2F%2Fwww.dramacool9.co%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22e0pr4mn7l7%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A1%2C%22hourofday%22%3A8%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1268%2C939%5D%2C%22ddims%22%3A%5B1268%2C1665%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B149%2C1656%5D%2C%22pwidth%22%3A%5B100%2C970%2C1268%5D%2C%22pheight%22%3A%5Bnull%2C0%2C1664%5D%2C%22maxwidth%22%3A1268%2C%22maxheight%22%3A939%7D&rnd=0.12037337192885555
154.51.131.141200 OK 25 kB URL HTTP/2 tags.h12-media.com/v3/tags.js?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2227138%22%2C%22topurl%22%3A%22https%3A%2F%2Fwww.dramacool9.co%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22e0pr4mn7l7%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A1%2C%22hourofday%22%3A8%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1268%2C939%5D%2C%22ddims%22%3A%5B1268%2C1665%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B149%2C1656%5D%2C%22pwidth%22%3A%5B100%2C970%2C1268%5D%2C%22pheight%22%3A%5Bnull%2C0%2C1664%5D%2C%22maxwidth%22%3A1268%2C%22maxheight%22%3A939%7D&rnd=0.12037337192885555
IP 154.51.131.141:0
File type ISO-8859 text, with very long lines (10181), with CRLF line terminators
Hash 8e5364196eee40d53bdf401ba6f218c9
91433a7c264229889e511f2e68815e5e9dd2cf6b
423cd0adee3a908c9f5095e1f854a67ba506335520b7ad5afb20e8f750b79b33
GET /v3/tags.js?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2227138%22%2C%22topurl%22%3A%22https%3A%2F%2Fwww.dramacool9.co%2F%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22e0pr4mn7l7%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A1%2C%22hourofday%22%3A8%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1268%2C939%5D%2C%22ddims%22%3A%5B1268%2C1665%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B149%2C1656%5D%2C%22pwidth%22%3A%5B100%2C970%2C1268%5D%2C%22pheight%22%3A%5Bnull%2C0%2C1664%5D%2C%22maxwidth%22%3A1268%2C%22maxheight%22%3A939%7D&rnd=0.12037337192885555 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: 7thMile=330de083%2Deae6%2D4e91%2D8ec4%2D8ed8e0c54879; Max-Age=5000000; Domain=.h12-media.com; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin:
srg-x: x-.158
x-powered-by: ARR/3.0
date: Mon, 21 Nov 2022 08:34:57 GMT
content-length: 25107
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 35c489643f84dd883dbf3a92a938ee30
4cc67efa6e4dc834cfc96631570341b7887b4bf2
949096e20a93735f243a1e649185754fc8972781fbc48c7122d65c6846d07c87
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112196
Date: Mon, 21 Nov 2022 08:34:57 GMT
Etag: "637a38a1-1d7"
Expires: Tue, 22 Nov 2022 15:44:53 GMT
Last-Modified: Sun, 20 Nov 2022 14:24:33 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: H4lNzGVIyyCqvfaL1dhIBwX_kOTvCreQlW3-cKADeNSryBBvJP4v7Q==
Age: 4820
tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F&tmax=3000
3.67.212.83200 OK 4.9 kB URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F&tmax=3000
IP 3.67.212.83:0
File type JSON data\012- HTML document, ASCII text, with very long lines (10126), with no line terminators
Hash 01415d98c172fbfa3d9f0783e50d729f
c0275afcf1d92c24f260b3fb10aaac5cd35b567c
e34b26a02c245105235d00f83ebbb409427a590c6145e2178935d5196cfdec5f
POST /header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.dramacool9.co%2F&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 346
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/json; charset=utf-8
content-length: 4906
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f3baf22a23a34308a2e48fd0c364e5ac
139.45.197.239204 No Content 0 B URL HTTP/2 cdn.uponelectabuzzor.club/9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f3baf22a23a34308a2e48fd0c364e5ac
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f3baf22a23a34308a2e48fd0c364e5ac HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 21 Nov 2022 08:34:57 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
hb.minutemedia-prebid.com/hb-mm-multi
3.213.213.78200 OK 105 B URL HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP 3.213.213.78:0
File type JSON data\012- , ASCII text
Hash a36346f8d62413128b72bdf07bb81a17
4577170fd61317b33e76afdd343214fdd6d053cb
ecd498689da91185c5d14196b002560e4ae2be67af316e8add779a41487ac198
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 885
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/json
content-length: 105
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.dramacool9.co
x-reason: gdpr is not applied
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f3baf22a23a34308a2e48fd0c364e5ac
139.45.197.239200 OK 7 B URL HTTP/2 cdn.uponelectabuzzor.club/9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f3baf22a23a34308a2e48fd0c364e5ac
IP 139.45.197.239:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
POST /9?z=5305455&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.dramacool9.co%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f3baf22a23a34308a2e48fd0c364e5ac HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 237
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: scm=1; OAID=7d113af33fa043e8962bd03ee94b0cde; oaidts=1669019697
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: ef354bbb5ef19c895352214574fdc7ab
access-control-expose-headers: X-Sc
set-cookie: OAID=f3baf22a23a34308a2e48fd0c364e5ac; expires=Tue, 21 Nov 2023 08:34:57 GMT; secure; SameSite=None
oaidts=1669019697; expires=Tue, 21 Nov 2023 08:34:57 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
goomaphy.com/500/5287605?excludes=&oaid=f3baf22a23a34308a2e48fd0c364e5ac&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 goomaphy.com/500/5287605?excludes=&oaid=f3baf22a23a34308a2e48fd0c364e5ac&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5287605?excludes=&oaid=f3baf22a23a34308a2e48fd0c364e5ac&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:58 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
172.67.75.241200 OK 374 B URL HTTP/2 script.4dex.io/localstore.js
IP 172.67.75.241:0
File type ASCII text, with very long lines (482)
Hash 8130d31a3b004715932e4b7d9652b229
10cbea9cc770ea91bba72ac564ae16c3938989cb
6a5568a41c69925c1c50881dd099b5d61551d4fecdc7637310868e7f51a663b5
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/javascript
x-amz-id-2: tx36ec54edbeb74121a0ef5-006352b9e9
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
etag: W/"922cffdd75f7192f75231d92684885aa"
cache-control: public, max-age=1800
x-amz-version-id: 1666365882701197
x-amz-request-id: tx36ec54edbeb74121a0ef5-006352b9e9
cf-cache-status: HIT
age: 2653767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXIdVj5nmd7Tz5M%2FVgzfI6LZvHB29Gb8m19l3GuKbWi1RDVxbe5fZ34Plla10Bk5xzFfU%2Fxb3toK%2BjNOzQaxBk6Q5HjOK5MKtyV8Qhb%2BSzEMv9LcmLO7o2nj%2FvrhFyEF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d816d56c940b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/v/?ts=1669019698078
52.204.242.76200 OK 472 B URL HTTP/2 api.purpleads.io/x/v/?ts=1669019698078
IP 52.204.242.76:0
Hash 1b6cc48c7f314bc7ef251703eabe72b4
a70bf5ad955836f15b24590f0e322d5cee53b0b1
4d6e589df129380106a5a4f666882703fb04074c3b2a9b963be91b14fc20352f
OPTIONS /x/v/?ts=1669019698078 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:58 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: ea3c5f1b-6a7f-47d7-8047-0d0c93a0e6ed
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131447009-1&cid=1154513147.1669019698&jid=539259836&gjid=353343646&_gid=1631473431.1669019698&_u=YEBAAUAAAAAAACAAI~&z=1524714352
142.250.150.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131447009-1&cid=1154513147.1669019698&jid=539259836&gjid=353343646&_gid=1631473431.1669019698&_u=YEBAAUAAAAAAACAAI~&z=1524714352
IP 142.250.150.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131447009-1&cid=1154513147.1669019698&jid=539259836&gjid=353343646&_gid=1631473431.1669019698&_u=YEBAAUAAAAAAACAAI~&z=1524714352 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.dramacool9.co
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 21 Nov 2022 08:34:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tlx.3lift.com/header/notify?px=1&pr=0.008&ts=1669019697&aid=9480596171993319908480&ec=2711_67911_11235855&n=GoYFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD1hRlg5d3V4QS1uMmFJNC1kNW1za1lNMVNaUzFsYXQxR25US1N6VXU2cDN5eHJuRVdycS1rTkw3SVdLbDFQX0oyTldyUzF0anhxX2RrY2p4WnZaV0djOW51SGJfZVE5REtJTDNzQlNRT2E4SEwyTU5aZzJlNThna3VOMzRuMG5CeGoxZGgydURfZXUxVXNBdEZoSm9xZUZjUHN6UG1ybFZaT1hkOWFMenFvemZ2VXRvdk9kRXd6dUV0VWM4QlVlanU1cGQ4OW1UWUhKUWpUVlRGamgyQzZvTVMyclc0RDMzRTRmRlp3eFRMWmdLdXE2aVdreWRqWVc2YVNRbVZ3UTJfWXNIdlNqem1ZWGl2ZGNtRmU3WHRLYnV6TnBVNEVqM3BtdlRSZjVLMVBXQm1pWmFURl9VWmxIeXlGczVreVNWRzRHMVgxVTVlYnItZ0V0eWxRRXNnWlZBa2dBOW4yc1ctZExCZW52RExGdzlqSDNxenAtQW1iVTFvb2hnU0NiTkdPem5QRU5KNnRvRGx6a3NkOXBMLWFBUy1OVmVkX256Nk1fTFRJbGx3bTcxNU1hQlA1R2JDemxtZUFROVBDSUw5T0ZmZWFwZkhmVFpSUG5LZTV1M2lrMG5kNjFJcHVGTGZ2QlVDcThQX0lmVVBHU1Z3V21XaHNPNFhIM05yd2s5V1R0UUhxNW5pN3dsZlpNaGtxMjdSQmNBUHFyWS1NWXlNR3RHdG9EaGlPUThkakFMbHNQYWxuQfICvQEIABIWOTQ4MDU5NjE3MTk5MzMxOTkwODQ4MBgAIAEolxUwx5IEQAFIAFABYApoAHCqiR2QAQCYAQCoAQC4AQXAAQjIAQrwAQD4AQqAAgiRAgAAAAAAAPA%2FmQIzMzMzMzPDP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Av84gAOgAYgD2ASQAwCYAwCgAwC4A4bFAsgDANIDCDExMjM1ODU14AODu4Ep6QMAAAAAAAAAAPADCvkDAAAAAAAAAAD4AgyCA6sBaHR0cHM6Ly9wb3N0LnVwZGF0ZS4zbGlmdC5jb20vMi81OTY5MTgvaW1wcmVzc2lvbj90aT05NDgwNTk2MTcxOTkzMzE5OTA4NDgwJmNiPTE2NjkwMTk2OTcmaXA9OTEuOTAuNDIuMTU0JmR0PTU5NjkxODE1MjA5NTEzNjczNjEwMDAmcHY9OWQyN2E2ZTctNzk4NS00YmM2LWFjNGYtYmUyYTMyOTE4YjFmiAMAkgMEMDEzYpgDAKAD7sERqAMA
3.67.212.83200 OK 37 B URL HTTP/2 tlx.3lift.com/header/notify?px=1&pr=0.008&ts=1669019697&aid=9480596171993319908480&ec=2711_67911_11235855&n=GoYFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD1hRlg5d3V4QS1uMmFJNC1kNW1za1lNMVNaUzFsYXQxR25US1N6VXU2cDN5eHJuRVdycS1rTkw3SVdLbDFQX0oyTldyUzF0anhxX2RrY2p4WnZaV0djOW51SGJfZVE5REtJTDNzQlNRT2E4SEwyTU5aZzJlNThna3VOMzRuMG5CeGoxZGgydURfZXUxVXNBdEZoSm9xZUZjUHN6UG1ybFZaT1hkOWFMenFvemZ2VXRvdk9kRXd6dUV0VWM4QlVlanU1cGQ4OW1UWUhKUWpUVlRGamgyQzZvTVMyclc0RDMzRTRmRlp3eFRMWmdLdXE2aVdreWRqWVc2YVNRbVZ3UTJfWXNIdlNqem1ZWGl2ZGNtRmU3WHRLYnV6TnBVNEVqM3BtdlRSZjVLMVBXQm1pWmFURl9VWmxIeXlGczVreVNWRzRHMVgxVTVlYnItZ0V0eWxRRXNnWlZBa2dBOW4yc1ctZExCZW52RExGdzlqSDNxenAtQW1iVTFvb2hnU0NiTkdPem5QRU5KNnRvRGx6a3NkOXBMLWFBUy1OVmVkX256Nk1fTFRJbGx3bTcxNU1hQlA1R2JDemxtZUFROVBDSUw5T0ZmZWFwZkhmVFpSUG5LZTV1M2lrMG5kNjFJcHVGTGZ2QlVDcThQX0lmVVBHU1Z3V21XaHNPNFhIM05yd2s5V1R0UUhxNW5pN3dsZlpNaGtxMjdSQmNBUHFyWS1NWXlNR3RHdG9EaGlPUThkakFMbHNQYWxuQfICvQEIABIWOTQ4MDU5NjE3MTk5MzMxOTkwODQ4MBgAIAEolxUwx5IEQAFIAFABYApoAHCqiR2QAQCYAQCoAQC4AQXAAQjIAQrwAQD4AQqAAgiRAgAAAAAAAPA%2FmQIzMzMzMzPDP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Av84gAOgAYgD2ASQAwCYAwCgAwC4A4bFAsgDANIDCDExMjM1ODU14AODu4Ep6QMAAAAAAAAAAPADCvkDAAAAAAAAAAD4AgyCA6sBaHR0cHM6Ly9wb3N0LnVwZGF0ZS4zbGlmdC5jb20vMi81OTY5MTgvaW1wcmVzc2lvbj90aT05NDgwNTk2MTcxOTkzMzE5OTA4NDgwJmNiPTE2NjkwMTk2OTcmaXA9OTEuOTAuNDIuMTU0JmR0PTU5NjkxODE1MjA5NTEzNjczNjEwMDAmcHY9OWQyN2E2ZTctNzk4NS00YmM2LWFjNGYtYmUyYTMyOTE4YjFmiAMAkgMEMDEzYpgDAKAD7sERqAMA
IP 3.67.212.83:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /header/notify?px=1&pr=0.008&ts=1669019697&aid=9480596171993319908480&ec=2711_67911_11235855&n=GoYFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD1hRlg5d3V4QS1uMmFJNC1kNW1za1lNMVNaUzFsYXQxR25US1N6VXU2cDN5eHJuRVdycS1rTkw3SVdLbDFQX0oyTldyUzF0anhxX2RrY2p4WnZaV0djOW51SGJfZVE5REtJTDNzQlNRT2E4SEwyTU5aZzJlNThna3VOMzRuMG5CeGoxZGgydURfZXUxVXNBdEZoSm9xZUZjUHN6UG1ybFZaT1hkOWFMenFvemZ2VXRvdk9kRXd6dUV0VWM4QlVlanU1cGQ4OW1UWUhKUWpUVlRGamgyQzZvTVMyclc0RDMzRTRmRlp3eFRMWmdLdXE2aVdreWRqWVc2YVNRbVZ3UTJfWXNIdlNqem1ZWGl2ZGNtRmU3WHRLYnV6TnBVNEVqM3BtdlRSZjVLMVBXQm1pWmFURl9VWmxIeXlGczVreVNWRzRHMVgxVTVlYnItZ0V0eWxRRXNnWlZBa2dBOW4yc1ctZExCZW52RExGdzlqSDNxenAtQW1iVTFvb2hnU0NiTkdPem5QRU5KNnRvRGx6a3NkOXBMLWFBUy1OVmVkX256Nk1fTFRJbGx3bTcxNU1hQlA1R2JDemxtZUFROVBDSUw5T0ZmZWFwZkhmVFpSUG5LZTV1M2lrMG5kNjFJcHVGTGZ2QlVDcThQX0lmVVBHU1Z3V21XaHNPNFhIM05yd2s5V1R0UUhxNW5pN3dsZlpNaGtxMjdSQmNBUHFyWS1NWXlNR3RHdG9EaGlPUThkakFMbHNQYWxuQfICvQEIABIWOTQ4MDU5NjE3MTk5MzMxOTkwODQ4MBgAIAEolxUwx5IEQAFIAFABYApoAHCqiR2QAQCYAQCoAQC4AQXAAQjIAQrwAQD4AQqAAgiRAgAAAAAAAPA%2FmQIzMzMzMzPDP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Av84gAOgAYgD2ASQAwCYAwCgAwC4A4bFAsgDANIDCDExMjM1ODU14AODu4Ep6QMAAAAAAAAAAPADCvkDAAAAAAAAAAD4AgyCA6sBaHR0cHM6Ly9wb3N0LnVwZGF0ZS4zbGlmdC5jb20vMi81OTY5MTgvaW1wcmVzc2lvbj90aT05NDgwNTk2MTcxOTkzMzE5OTA4NDgwJmNiPTE2NjkwMTk2OTcmaXA9OTEuOTAuNDIuMTU0JmR0PTU5NjkxODE1MjA5NTEzNjczNjEwMDAmcHY9OWQyN2E2ZTctNzk4NS00YmM2LWFjNGYtYmUyYTMyOTE4YjFmiAMAkgMEMDEzYpgDAKAD7sERqAMA HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:58 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b6cc48c7f314bc7ef251703eabe72b4
a70bf5ad955836f15b24590f0e322d5cee53b0b1
4d6e589df129380106a5a4f666882703fb04074c3b2a9b963be91b14fc20352f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.purpleads.io/x/v/?ts=1669019698078
52.204.242.76200 OK 602 B URL HTTP/2 api.purpleads.io/x/v/?ts=1669019698078
IP 52.204.242.76:0
Hash 33e8d9fe09174cc523048b5f1d3d20b0
615898f789c92966372d289a2f67c312d5b53ad8
9d7d8889446b5b94a03cd45dfc786e0947600e52dac516c88d36e62e92e18825
GET /x/v/?ts=1669019698078 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.0.16
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8=
Authorization: Bearer e870d9c685526361f0dfe0dbe722da83:78486cdd6d81b9a12ffc06178d32ba7ebbe9fa8e26f91bcddf2adadd02adf65ae34cdfe77754097fa2c7d26474961f11c0299b6f98c1e66eacc3320c8202d711
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:58 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: cde8913e-da2e-4c87-ae42-2dac0e647db2
etag: W/"52c-TKsNNGvsOuMKLKW2HB+sGrezmJw"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1504
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: max-age=0, private, must-revalidate
date: Mon, 21 Nov 2022 08:34:57 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
api.purpleads.io/x/a/winner?ts=1669019698373
52.204.242.76200 OK 0 B URL HTTP/2 api.purpleads.io/x/a/winner?ts=1669019698373
IP 52.204.242.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/a/winner?ts=1669019698373 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:58 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 2e3d5afa-c4a4-406d-818d-1415627b6008
X-Firefox-Spdy: h2
api.purpleads.io/x/a/716ee4c6b1698e20f05c36d3af9f8037:db1ec4aab5622daf24deaacabc10cfed2bee60df9e8022b32ce6a6a76bcd72248d90313f379818a9ee88fe2a36dc29f05eb6a1c08829354be1103eaaa19134c83349d46a233884be46ed73607b1681275f08371f7d6570533c1af5c529838cb2be71cb10b5bec4494919475229849efa0cc5a845244104e4381b9f81a4d1598ed0c0f8273d05c84c41f2969406026f4f/i?id=11554cc0-f277-4ba7-85e4-cfe5c099eb56&ts=1669019698375
52.204.242.76204 No Content 0 B URL HTTP/2 api.purpleads.io/x/a/716ee4c6b1698e20f05c36d3af9f8037:db1ec4aab5622daf24deaacabc10cfed2bee60df9e8022b32ce6a6a76bcd72248d90313f379818a9ee88fe2a36dc29f05eb6a1c08829354be1103eaaa19134c83349d46a233884be46ed73607b1681275f08371f7d6570533c1af5c529838cb2be71cb10b5bec4494919475229849efa0cc5a845244104e4381b9f81a4d1598ed0c0f8273d05c84c41f2969406026f4f/i?id=11554cc0-f277-4ba7-85e4-cfe5c099eb56&ts=1669019698375
IP 52.204.242.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/a/716ee4c6b1698e20f05c36d3af9f8037:db1ec4aab5622daf24deaacabc10cfed2bee60df9e8022b32ce6a6a76bcd72248d90313f379818a9ee88fe2a36dc29f05eb6a1c08829354be1103eaaa19134c83349d46a233884be46ed73607b1681275f08371f7d6570533c1af5c529838cb2be71cb10b5bec4494919475229849efa0cc5a845244104e4381b9f81a4d1598ed0c0f8273d05c84c41f2969406026f4f/i?id=11554cc0-f277-4ba7-85e4-cfe5c099eb56&ts=1669019698375 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.2.12
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8=
Authorization: Bearer b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 21 Nov 2022 08:34:58 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: fca5dcee-96d1-40b2-8001-b41170458882
X-Firefox-Spdy: h2
www.statcounter.com/counter/counter.js
104.20.228.67200 OK 31 kB URL HTTP/2 www.statcounter.com/counter/counter.js
IP 104.20.228.67:0
File type ASCII text, with very long lines (43632), with no line terminators
Hash e2c42bf30cdfe2c30f448b609a4c0fea
389a5213221034c812b4c2a11b755df1f560ba5b
75320f3331e877b15bf6cf634eac2f9317225479c76b2f666efe4c5224d04c65
GET /counter/counter.js HTTP/1.1
Host: www.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Nov 2022 11:10:43 GMT
etag: W/"63776833-aa70"
expires: Mon, 21 Nov 2022 10:48:28 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 35189
server: cloudflare
cf-ray: 76d816d65ff2b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.itskiddien.club/?rb=T_MqGCELN8pYT-tyqVEh42GYXLM69Tad509S5Uh5EYGutA0Sg98q5RQp3TCdHqaY-jeA2YEcLug6C_ae8FIlwhCta-q8TnIeVL7y1rg-qORY7sdObdCLB8B__ahZB8-mEtei7-VkBSkraMiL_ky9F6nCBXERbGvNPQ3yThIiL9XeMUwmrT6z1sanb6pYEreV6fNUFSGb9If0qPYnrjJdrJDQA9IyTS6ldlbcdlrV02eBjiu_&request_ab2=0&zoneid=5290228&js_build=iclick-v1.450.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.450.0&bs=716ff05b-5294-4730-bf4d-14f0c90b7755&userId=f3baf22a23a34308a2e48fd0c364e5ac&m=link
139.45.197.236200 OK 4.8 kB URL HTTP/2 cdn.itskiddien.club/?rb=T_MqGCELN8pYT-tyqVEh42GYXLM69Tad509S5Uh5EYGutA0Sg98q5RQp3TCdHqaY-jeA2YEcLug6C_ae8FIlwhCta-q8TnIeVL7y1rg-qORY7sdObdCLB8B__ahZB8-mEtei7-VkBSkraMiL_ky9F6nCBXERbGvNPQ3yThIiL9XeMUwmrT6z1sanb6pYEreV6fNUFSGb9If0qPYnrjJdrJDQA9IyTS6ldlbcdlrV02eBjiu_&request_ab2=0&zoneid=5290228&js_build=iclick-v1.450.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.450.0&bs=716ff05b-5294-4730-bf4d-14f0c90b7755&userId=f3baf22a23a34308a2e48fd0c364e5ac&m=link
IP 139.45.197.236:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (5269), with no line terminators
Hash 3391b61f70e5763746ce0d7e88faacb6
abbf8849035688062d59d3c90515a22e37e506cb
9e9d45574b0da2bbed69261c90fb55fe834a3280afd423ccaff3fb03c335abc3
GET /?rb=T_MqGCELN8pYT-tyqVEh42GYXLM69Tad509S5Uh5EYGutA0Sg98q5RQp3TCdHqaY-jeA2YEcLug6C_ae8FIlwhCta-q8TnIeVL7y1rg-qORY7sdObdCLB8B__ahZB8-mEtei7-VkBSkraMiL_ky9F6nCBXERbGvNPQ3yThIiL9XeMUwmrT6z1sanb6pYEreV6fNUFSGb9If0qPYnrjJdrJDQA9IyTS6ldlbcdlrV02eBjiu_&request_ab2=0&zoneid=5290228&js_build=iclick-v1.450.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.450.0&bs=716ff05b-5294-4730-bf4d-14f0c90b7755&userId=f3baf22a23a34308a2e48fd0c364e5ac&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Cookie: OAID=e79070da693746c58dace899eb8a4e1f; oaidts=1669019697
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/json
x-trace-id: f12438553edceca8d873c490f242f870
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f3baf22a23a34308a2e48fd0c364e5ac; expires=Tue, 21 Nov 2023 08:34:57 GMT; path=/; secure; SameSite=None
oaidts=1669019697; expires=Tue, 21 Nov 2023 08:34:57 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 28 Nov 2022 08:34:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash cd29a44e2f43e4fb28d91c91f9e322da
f112e4e4486931a7c8028655705a377d5c3ef33a
50328a10eb9a9218f67ed0ff34544037cc395153f03e9ed604c87d53f856d519
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 07:45:26 GMT
Expires: Sat, 26 Nov 2022 07:45:25 GMT
Etag: "f112e4e4486931a7c8028655705a377d5c3ef33a"
Cache-Control: max-age=428426,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76d816dbbec9b4ed-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e929adeca08ca98b0a8d89d102e9e949
8309b3667fe60f522b6d9e063b66d6437176632d
1dfb137d27fb1215acecae14385683b64cddee9a197b6904a7635a8c6786f08d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5479
Cache-Control: max-age=151397
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:58 GMT
Etag: "637acf30-118"
Expires: Wed, 23 Nov 2022 02:38:15 GMT
Last-Modified: Mon, 21 Nov 2022 01:06:56 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
script.4dex.io/localstore.js
172.67.75.241304 Not Modified 0 B URL HTTP/2 script.4dex.io/localstore.js
IP 172.67.75.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 21 Oct 2022 15:24:42 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 21 Nov 2022 08:34:58 GMT
x-amz-id-2: tx36ec54edbeb74121a0ef5-006352b9e9
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
etag: "922cffdd75f7192f75231d92684885aa"
cache-control: public, max-age=1800
x-amz-version-id: 1666365882701197
x-amz-request-id: tx36ec54edbeb74121a0ef5-006352b9e9
cf-cache-status: HIT
age: 2653768
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzRtEk5KjA2KBe6UGgvHeSrQKOi%2FMz5V6sio6Jc2Bx5HqnQuwuieuAPNiBTrNfy%2BqejYDdhKl%2B2Hk7J6XnaKoYsu4afEThjPIUielNp1zxVcq3paW3SWvvWRI5brA7NL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d816dc2c0a0b39-OSL
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.16.0&cb=39496437019&lsavail=1
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.16.0&cb=39496437019&lsavail=1
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.16.0&cb=39496437019&lsavail=1 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1296
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:58 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://www.dramacool9.co
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
172.67.75.241304 Not Modified 0 B IP 172.67.75.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 21 Oct 2022 15:24:42 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 21 Nov 2022 08:34:58 GMT
access-control-allow-headers: Authorization
access-control-max-age: 3000
x-amz-id-2: tx78dfa5b3d7f6402288d27-006352b9ec
access-control-allow-credentials: true
x-amz-request-id: tx78dfa5b3d7f6402288d27-006352b9ec
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
etag: "c56b6332dacf72f135afcd153ae22448"
cache-control: public, max-age=1800
x-amz-version-id: 1666365881812584
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: HIT
age: 2269616
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9Jlud4cdQBr7jDDWwg4o96ge7oBjNxB9C8SPxWsLxkPIkQIAz%2FE6678iW6kmB1v6MRSL9FYLFDn4abEI0nYhfJdCI7E59JtnduvFthCOIzrZc43r2EvsjGGSkoRo6jk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d816dc4c310b39-OSL
X-Firefox-Spdy: h2
offerimage.com/www/images/766f2bff7b1b0b942e9c707491f9d867.jpeg
104.22.33.172200 OK 9.0 kB URL HTTP/2 offerimage.com/www/images/766f2bff7b1b0b942e9c707491f9d867.jpeg
IP 104.22.33.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 766f2bff7b1b0b942e9c707491f9d867
1cf5b1cbdf1f80b2d4adc44446d6f403b7c56b8a
bb0c41433a0cc421110da9d8d448cc83321c73a64772f14aecbec11e1bfc2a26
GET /www/images/766f2bff7b1b0b942e9c707491f9d867.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:58 GMT
content-type: image/jpeg
content-length: 8995
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62d22dde-2323"
expires: Mon, 21 Nov 2022 21:19:28 GMT
last-modified: Sat, 16 Jul 2022 03:17:50 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 40530
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d816dc39221695-ARN
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1037
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: max-age=0, private, must-revalidate
date: Mon, 21 Nov 2022 08:34:58 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.85200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.85:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4f6aaef64f7e84498fe9c9fbf1fbf557
bf5ea897b03d28a17e7a58cbb383b6290e920c3a
ddb6f8b9883947a1381543de8f4023a0a0691cb0b4070ee5201620f263b80608
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 546
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:34:58 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.dramacool9.co
AN-X-Request-Uuid: 3bd54819-d90f-49bf-bab6-5b514f013aba
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
hb.minutemedia-prebid.com/hb-mm-multi
3.213.213.78200 OK 105 B URL HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP 3.213.213.78:0
File type JSON data\012- , ASCII text
Hash 0fd48472b0d3c23a7d375c730adf2576
88379c362ddb8b18fd841ca9b10ea4c6e4ea5afe
7855d0f2e77ba86fd5603ccc484f32505eecbe4c1ba4d2dde1be913d7643ad10
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 909
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:58 GMT
content-type: application/json
content-length: 105
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.dramacool9.co
x-reason: gdpr is not applied
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114200 OK 431 B IP 104.18.2.114:0
Hash a7739dd3b9bcce302ff01d5d4e9eade7
7ee64e470f40216ed86a441f61ef72f31ae9f01a
858c19b036829a1ecc6af4829a00e3b70e45c89061be5667ad6a7d90a80a6474
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1989
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:58 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76d816dc4f350b41-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
api.purpleads.io/x/a/716ee4c6b1698e20f05c36d3af9f8037:db1ec4aab5622daf24deaacabc10cfed2bee60df9e8022b32ce6a6a76bcd72248d90313f379818a9ee88fe2a36dc29f05eb6a1c08829354be1103eaaa19134c83349d46a233884be46ed73607b1681275f08371f7d6570533c1af5c529838cb2be71cb10b5bec4494919475229849efa0cc5a845244104e4381b9f81a4d1598ed0c0f8273d05c84c41f2969406026f4f/i?id=11554cc0-f277-4ba7-85e4-cfe5c099eb56&ts=1669019698375
52.204.242.76200 OK 1.1 kB URL HTTP/2 api.purpleads.io/x/a/716ee4c6b1698e20f05c36d3af9f8037:db1ec4aab5622daf24deaacabc10cfed2bee60df9e8022b32ce6a6a76bcd72248d90313f379818a9ee88fe2a36dc29f05eb6a1c08829354be1103eaaa19134c83349d46a233884be46ed73607b1681275f08371f7d6570533c1af5c529838cb2be71cb10b5bec4494919475229849efa0cc5a845244104e4381b9f81a4d1598ed0c0f8273d05c84c41f2969406026f4f/i?id=11554cc0-f277-4ba7-85e4-cfe5c099eb56&ts=1669019698375
IP 52.204.242.76:0
File type gzip compressed data, max speed\012- data
Hash bb293b7b55a8316225ec918d8eb0e08e
61aff0b0c849130aa263b18cbf360d6782ebd2ad
353d2c0dbc9b9e4e57d94a04277e18e29e2e811ad1e9ee2d852ebc24fea5ff46
OPTIONS /x/a/716ee4c6b1698e20f05c36d3af9f8037:db1ec4aab5622daf24deaacabc10cfed2bee60df9e8022b32ce6a6a76bcd72248d90313f379818a9ee88fe2a36dc29f05eb6a1c08829354be1103eaaa19134c83349d46a233884be46ed73607b1681275f08371f7d6570533c1af5c529838cb2be71cb10b5bec4494919475229849efa0cc5a845244104e4381b9f81a4d1598ed0c0f8273d05c84c41f2969406026f4f/i?id=11554cc0-f277-4ba7-85e4-cfe5c099eb56&ts=1669019698375 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:58 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 3c9ffdc7-66da-4428-9be4-2b73e8cce53c
X-Firefox-Spdy: h2
goomaphy.com/impression/I4stUHAxVseo84wSNWRVVD-I3nfdJiuUazHCsODGMZnTnlSp0S0dQEj-7Hhe3JTLLog-dJrEa3UeMVZK5UMsEq4eOCM5OGXZzWHfr69zivJ37GLyLIi4Bl4-k4HU2dnuexwk3YNZ4skA6_kuSlGBqqqRcJlQkb_RRzzPMEUqLSRk94jaUAo9wY6Hgd737ZGoyYQr9MTeMlPgcBOEBSggwqzTsaI8Erv6QT1JuDR0SrX7RQ1GW8Fnd_qff5kj_GDPpUE1PAyC7soYHFDPLh1KLGmPINfJLENVLAGb6rYnrzrBrucSTdpggMfQYPBBuSbIldwjvJ7h4LCpMVRwmpY3FVKOQsO_IxnNDg2V4Q6x7TmmCQsRLYTQ09Za-KBk-1J757pem8orpGfhLImXPV14AcMXTK1Nn2B48GmuzVDJiItjQU-kKhpAdAO704ac-wj_rtSPP5p_apIcEHdKr0S6heGhSvJtv_W-4tcnaIYM9934xD_YSrzscxFNlG1DqcvdM-2jMNjiNnqIT9eM9qSJIN_mOF-9wpIye7BVfMM1ujujpJsqtjihRlWPCMdNkLeiL-fW6YAZufYwk_ZOMmhGuxMRnQv08B2p9TkEwQ==?_z=5287605&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 goomaphy.com/impression/I4stUHAxVseo84wSNWRVVD-I3nfdJiuUazHCsODGMZnTnlSp0S0dQEj-7Hhe3JTLLog-dJrEa3UeMVZK5UMsEq4eOCM5OGXZzWHfr69zivJ37GLyLIi4Bl4-k4HU2dnuexwk3YNZ4skA6_kuSlGBqqqRcJlQkb_RRzzPMEUqLSRk94jaUAo9wY6Hgd737ZGoyYQr9MTeMlPgcBOEBSggwqzTsaI8Erv6QT1JuDR0SrX7RQ1GW8Fnd_qff5kj_GDPpUE1PAyC7soYHFDPLh1KLGmPINfJLENVLAGb6rYnrzrBrucSTdpggMfQYPBBuSbIldwjvJ7h4LCpMVRwmpY3FVKOQsO_IxnNDg2V4Q6x7TmmCQsRLYTQ09Za-KBk-1J757pem8orpGfhLImXPV14AcMXTK1Nn2B48GmuzVDJiItjQU-kKhpAdAO704ac-wj_rtSPP5p_apIcEHdKr0S6heGhSvJtv_W-4tcnaIYM9934xD_YSrzscxFNlG1DqcvdM-2jMNjiNnqIT9eM9qSJIN_mOF-9wpIye7BVfMM1ujujpJsqtjihRlWPCMdNkLeiL-fW6YAZufYwk_ZOMmhGuxMRnQv08B2p9TkEwQ==?_z=5287605&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/I4stUHAxVseo84wSNWRVVD-I3nfdJiuUazHCsODGMZnTnlSp0S0dQEj-7Hhe3JTLLog-dJrEa3UeMVZK5UMsEq4eOCM5OGXZzWHfr69zivJ37GLyLIi4Bl4-k4HU2dnuexwk3YNZ4skA6_kuSlGBqqqRcJlQkb_RRzzPMEUqLSRk94jaUAo9wY6Hgd737ZGoyYQr9MTeMlPgcBOEBSggwqzTsaI8Erv6QT1JuDR0SrX7RQ1GW8Fnd_qff5kj_GDPpUE1PAyC7soYHFDPLh1KLGmPINfJLENVLAGb6rYnrzrBrucSTdpggMfQYPBBuSbIldwjvJ7h4LCpMVRwmpY3FVKOQsO_IxnNDg2V4Q6x7TmmCQsRLYTQ09Za-KBk-1J757pem8orpGfhLImXPV14AcMXTK1Nn2B48GmuzVDJiItjQU-kKhpAdAO704ac-wj_rtSPP5p_apIcEHdKr0S6heGhSvJtv_W-4tcnaIYM9934xD_YSrzscxFNlG1DqcvdM-2jMNjiNnqIT9eM9qSJIN_mOF-9wpIye7BVfMM1ujujpJsqtjihRlWPCMdNkLeiL-fW6YAZufYwk_ZOMmhGuxMRnQv08B2p9TkEwQ==?_z=5287605&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.dramacool9.co%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: OAID=f3baf22a23a34308a2e48fd0c364e5ac
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:58 GMT
content-type: image/gif
content-length: 43
x-trace-id: da7076b9d1645f609ede058bb54888df
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
widgets.outbrain.com/outbrain.js
23.38.201.81200 OK 76 kB URL HTTP/2 widgets.outbrain.com/outbrain.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (1595)
Hash 2f1998ddd600394ad88b31849a012082
8d66c9f6fe660ff0c567eed9593494be82e0a60d
e3a41d95fe76cea4ef1a343aea7d8f2d98efd823e34f94d185c4d80d83eaddce
GET /outbrain.js HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
x-traceid: 87fb213cb49171f9a0d0a06699062371
cache-control: max-age=14400
last-modified: Thu, 17 Nov 2022 09:19:00 GMT
etag: "16-tDA/gKl8RCCDtU7PdTpEV7xpoeY"
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 21 Nov 2022 08:34:58 GMT
content-length: 75613
edge-cache-tag: widget-cheetah
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=5%5FkGj2wxV28KEKBWnZxHhfFK7LJKKoPyW3gYU3OgM4WSsdpfSjHSgbOVhvdSTeFPkBARbRriyRt7JgICZbD%5F1Li3sON7gMrUH%2DOvLZ5TCG1rtBTpwhRZqXwuhwmJfaJwcAKteUgRcOKNjOuP%2DEQ01vCK8jxeWzY3ee1cTRm1EXYkUJMFbcJl9q6w96tkvb68Yajjk93j6liDgQDkWUsd62%5Fxdx0D3uiNkWau4uOqbIkXvdBgeju3sr%2DSR3e4L%5FRA%2DB3V24gRHChVowidbbdj8HIMmQOrtL6rrN9cQzNv8diKMGOponYSxOyN%2DzCRtmYzOBN7DrFCfqCgVP%5F6YbaDTySCPNHz3D0crnOdjsQvrNxQMJcmTQfnVYzuUfndxrQlBOCbj%5FK9qzlju3Doe9f1Z5hQK3%2DimBpzIrIZYCeSuSEmiWrdSz3%2D%5FD0b%2DW4VF4tv420&size=970x90&wp=0%2E013&bd=OBT&d=1
154.51.131.141200 OK 145 B URL HTTP/2 tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=5%5FkGj2wxV28KEKBWnZxHhfFK7LJKKoPyW3gYU3OgM4WSsdpfSjHSgbOVhvdSTeFPkBARbRriyRt7JgICZbD%5F1Li3sON7gMrUH%2DOvLZ5TCG1rtBTpwhRZqXwuhwmJfaJwcAKteUgRcOKNjOuP%2DEQ01vCK8jxeWzY3ee1cTRm1EXYkUJMFbcJl9q6w96tkvb68Yajjk93j6liDgQDkWUsd62%5Fxdx0D3uiNkWau4uOqbIkXvdBgeju3sr%2DSR3e4L%5FRA%2DB3V24gRHChVowidbbdj8HIMmQOrtL6rrN9cQzNv8diKMGOponYSxOyN%2DzCRtmYzOBN7DrFCfqCgVP%5F6YbaDTySCPNHz3D0crnOdjsQvrNxQMJcmTQfnVYzuUfndxrQlBOCbj%5FK9qzlju3Doe9f1Z5hQK3%2DimBpzIrIZYCeSuSEmiWrdSz3%2D%5FD0b%2DW4VF4tv420&size=970x90&wp=0%2E013&bd=OBT&d=1
IP 154.51.131.141:0
File type ASCII text, with no line terminators
Hash 7ed96945d942f7b2b6e8e42cdb5d8652
57bc32892c212b7aef47825c70af1e504b0b697b
b77d72cd756d30cb7838af0700cf1e6854df46596bb08c3ed2b60aa49db084a5
GET /rtb/?pname=hb_result_v3&impdata=5%5FkGj2wxV28KEKBWnZxHhfFK7LJKKoPyW3gYU3OgM4WSsdpfSjHSgbOVhvdSTeFPkBARbRriyRt7JgICZbD%5F1Li3sON7gMrUH%2DOvLZ5TCG1rtBTpwhRZqXwuhwmJfaJwcAKteUgRcOKNjOuP%2DEQ01vCK8jxeWzY3ee1cTRm1EXYkUJMFbcJl9q6w96tkvb68Yajjk93j6liDgQDkWUsd62%5Fxdx0D3uiNkWau4uOqbIkXvdBgeju3sr%2DSR3e4L%5FRA%2DB3V24gRHChVowidbbdj8HIMmQOrtL6rrN9cQzNv8diKMGOponYSxOyN%2DzCRtmYzOBN7DrFCfqCgVP%5F6YbaDTySCPNHz3D0crnOdjsQvrNxQMJcmTQfnVYzuUfndxrQlBOCbj%5FK9qzlju3Doe9f1Z5hQK3%2DimBpzIrIZYCeSuSEmiWrdSz3%2D%5FD0b%2DW4VF4tv420&size=970x90&wp=0%2E013&bd=OBT&d=1 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: 7thMile=a0b295de%2D1d55%2D48cc%2Da5c2%2D611125c8ded3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
srg-x: x-.170
x-powered-by: ARR/3.0
date: Mon, 21 Nov 2022 08:34:58 GMT
content-length: 145
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=2&pid=2e567e935d0840a1a3143e1db1b91859&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=d2e26db6-2785-4b6b-9c06-ba695637d995&demand=unifiedPb&ts=1669019698356
52.204.242.76200 OK 122 B URL HTTP/2 api.purpleads.io/x/b/?idx=2&pid=2e567e935d0840a1a3143e1db1b91859&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=d2e26db6-2785-4b6b-9c06-ba695637d995&demand=unifiedPb&ts=1669019698356
IP 52.204.242.76:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 83086a5a8d7ddec10bd34c0035e65cb6
efac48e285a0628eebca4e5153779ebe517ed5e8
20a60a630f55e50537e8115fbfefede76d3b68ba65f4a420d4f378925338fcff
OPTIONS /x/b/?idx=2&pid=2e567e935d0840a1a3143e1db1b91859&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=d2e26db6-2785-4b6b-9c06-ba695637d995&demand=unifiedPb&ts=1669019698356 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:58 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 34da4fab-b332-46cf-9a84-1af75a42200f
X-Firefox-Spdy: h2
widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
23.38.201.81200 OK 43 B URL HTTP/2 widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
IP 23.38.201.81:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /widget/detect/px.gif?ch=1 HTTP/1.1
Host: widget-pixels.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 43
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
cache-control: max-age=2592000
expires: Wed, 21 Dec 2022 08:34:59 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
tcheck.outbrainimg.com/tcheck/check/d3d3LmRyYW1hY29vbDkuY28=
23.38.201.176200 OK 16 B URL HTTP/1.1 tcheck.outbrainimg.com/tcheck/check/d3d3LmRyYW1hY29vbDkuY28=
IP 23.38.201.176:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ce08a60aa308225db15c98edf4ae2447
bacf25489bad0312aa2f37fc735fa7e57b2d7306
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
GET /tcheck/check/d3d3LmRyYW1hY29vbDkuY28= HTTP/1.1
Host: tcheck.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 16
X-TraceId: b28912c11baca47625699c0f7a13ba6e
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Cache-Control: max-age=40238
Expires: Mon, 21 Nov 2022 19:45:37 GMT
Date: Mon, 21 Nov 2022 08:34:59 GMT
Connection: keep-alive
Access-Control-Max-Age: 43200
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=5%5FkGj2wxV28KEKBWnZxHhfFK7LJKKoPyW3gYU3OgM4WSsdpfSjHSgbOVhvdSTeFPkBARbRriyRt7JgICZbD%5F1Li3sON7gMrUH%2DOvLZ5TCG1rtBTpwhRZqXwuhwmJfaJwcAKteUgRcOKNjOuP%2DEQ01vCK8jxeWzY3ee1cTRm1EXYkUJMFbcJl9q6w96tkvb68Yajjk93j6liDgQDkWUsd62%5Fxdx0D3uiNkWau4uOqbIkXvdBgeju3sr%2DSR3e4L%5FRA%2DB3V24gRHChVowidbbdj8HIMmQOrtL6rrN9cQzNv8diKMGOponYSxOyN%2DzCRtmYzOBN7DrFCfqCgVP%5F6YbaDTySCPNHz3D0crnOdjsQvrNxQMJcmTQfnVYzuUfndxrQlBOCbj%5FK9qzlju3Doe9f1Z5hQK3%2DimBpzIrIZYCeSuSEmiWrdSz3%2D%5FD0b%2DW4VF4tv420&size=970x90&wp=0%2E013&bd=OBT&d=1
154.51.131.141200 OK 144 B URL HTTP/2 tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=5%5FkGj2wxV28KEKBWnZxHhfFK7LJKKoPyW3gYU3OgM4WSsdpfSjHSgbOVhvdSTeFPkBARbRriyRt7JgICZbD%5F1Li3sON7gMrUH%2DOvLZ5TCG1rtBTpwhRZqXwuhwmJfaJwcAKteUgRcOKNjOuP%2DEQ01vCK8jxeWzY3ee1cTRm1EXYkUJMFbcJl9q6w96tkvb68Yajjk93j6liDgQDkWUsd62%5Fxdx0D3uiNkWau4uOqbIkXvdBgeju3sr%2DSR3e4L%5FRA%2DB3V24gRHChVowidbbdj8HIMmQOrtL6rrN9cQzNv8diKMGOponYSxOyN%2DzCRtmYzOBN7DrFCfqCgVP%5F6YbaDTySCPNHz3D0crnOdjsQvrNxQMJcmTQfnVYzuUfndxrQlBOCbj%5FK9qzlju3Doe9f1Z5hQK3%2DimBpzIrIZYCeSuSEmiWrdSz3%2D%5FD0b%2DW4VF4tv420&size=970x90&wp=0%2E013&bd=OBT&d=1
IP 154.51.131.141:0
File type ASCII text, with no line terminators
Hash d45013d657142c297ef663156e1ef6ff
6f849481151f70f36ed3ce025573945893db0c9d
a754969f42738801be2ef332742b3fea538bba504a263a80faabf7bb75fddb8a
GET /rtb/?pname=hb_result_v3&impdata=5%5FkGj2wxV28KEKBWnZxHhfFK7LJKKoPyW3gYU3OgM4WSsdpfSjHSgbOVhvdSTeFPkBARbRriyRt7JgICZbD%5F1Li3sON7gMrUH%2DOvLZ5TCG1rtBTpwhRZqXwuhwmJfaJwcAKteUgRcOKNjOuP%2DEQ01vCK8jxeWzY3ee1cTRm1EXYkUJMFbcJl9q6w96tkvb68Yajjk93j6liDgQDkWUsd62%5Fxdx0D3uiNkWau4uOqbIkXvdBgeju3sr%2DSR3e4L%5FRA%2DB3V24gRHChVowidbbdj8HIMmQOrtL6rrN9cQzNv8diKMGOponYSxOyN%2DzCRtmYzOBN7DrFCfqCgVP%5F6YbaDTySCPNHz3D0crnOdjsQvrNxQMJcmTQfnVYzuUfndxrQlBOCbj%5FK9qzlju3Doe9f1Z5hQK3%2DimBpzIrIZYCeSuSEmiWrdSz3%2D%5FD0b%2DW4VF4tv420&size=970x90&wp=0%2E013&bd=OBT&d=1 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: 7thMile=a0b295de%2D1d55%2D48cc%2Da5c2%2D611125c8ded3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
srg-x: x-.159
x-powered-by: ARR/3.0
date: Mon, 21 Nov 2022 08:34:58 GMT
content-length: 144
X-Firefox-Spdy: h2
api.purpleads.io/x/v/?demand=unifiedPb&ts=1669019698900
52.204.242.76204 No Content 0 B URL HTTP/2 api.purpleads.io/x/v/?demand=unifiedPb&ts=1669019698900
IP 52.204.242.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/v/?demand=unifiedPb&ts=1669019698900 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.0.16
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8=
Authorization: Bearer e870d9c685526361f0dfe0dbe722da83:78486cdd6d81b9a12ffc06178d32ba7ebbe9fa8e26f91bcddf2adadd02adf65ae34cdfe77754097fa2c7d26474961f11c0299b6f98c1e66eacc3320c8202d711
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 21 Nov 2022 08:34:59 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: 1b345f7f-9e0c-4cfa-abad-6091f619ec5b
X-Firefox-Spdy: h2
ib.3lift.com/rev/6be1393e0ee56f63717d253e90fe0e4363b3e6d4/dist/bundle.js
54.230.111.101200 OK 55 kB URL HTTP/2 ib.3lift.com/rev/6be1393e0ee56f63717d253e90fe0e4363b3e6d4/dist/bundle.js
IP 54.230.111.101:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 57cca71df74418801685f137aa4584fc
95ddb04b48c37f82111aa902fc363745b4ca4442
867d8528069f4bb0e042363570de3042da3990b358ac153aaf6d66e10db22985
GET /rev/6be1393e0ee56f63717d253e90fe0e4363b3e6d4/dist/bundle.js HTTP/1.1
Host: ib.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 55196
date: Tue, 08 Nov 2022 17:26:20 GMT
last-modified: Tue, 08 Nov 2022 17:25:46 GMT
etag: "57cca71df74418801685f137aa4584fc"
cache-control: max-age=31536000, immutable
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0F43iRXrpWqYvD8LQO78aCo-ppq5EWLANEMnD3mlIc1HpblsfivX4g==
age: 1091320
X-Firefox-Spdy: h2
ib.3lift.com/static/buttons/edaa/OBA_UK.png
54.230.111.101200 OK 3.5 kB URL HTTP/2 ib.3lift.com/static/buttons/edaa/OBA_UK.png
IP 54.230.111.101:0
File type PNG image data, 72 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ceab27af00fa466072a3c3360041755
c1bc3497b095a637bef430169af3b48fae3a71e2
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
GET /static/buttons/edaa/OBA_UK.png HTTP/1.1
Host: ib.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3518
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 19 Nov 2022 06:38:11 GMT
cache-control: max-age=604800,s-maxage=604800,public
etag: "7ceab27af00fa466072a3c3360041755"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5NDOC5lnNvRmZ_pcAK-6DSA3dFx5xM89Ltf1zPaPKG5EEH7tNvyI5A==
age: 179809
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash c4c6bbce7eb30adf02212f4a74dae468
f12f8f751e733f78ad389db1425ae3486c3aac30
b0cd99b091ee374d6f98add207d891982de45a60992b89cf1ccb153a6438551f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148269
Date: Mon, 21 Nov 2022 08:34:59 GMT
Etag: "637ac55a-1d7"
Expires: Wed, 23 Nov 2022 01:46:08 GMT
Last-Modified: Mon, 21 Nov 2022 00:24:58 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P8F3eCRSlSGdN9ZLhi7scl2DilsyGsfI2QWvcRLZnoYhr4c5LVzyXw==
Age: 4870
eb2.3lift.com/sync?max=10&cb=17248
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/sync?max=10&cb=17248
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync?max=10&cb=17248 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
eb2.3lift.com/dr?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=14287
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/dr?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=14287
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /dr?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=14287 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
eb2.3lift.com/ev1?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&pr=0.008&bc=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669019697&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=78120
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/ev1?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&pr=0.008&bc=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669019697&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=78120
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /ev1?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&pr=0.008&bc=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669019697&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=78120 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
eb2.3lift.com/r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&pr=un&bc=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669019697&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=80172
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&pr=un&bc=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669019697&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=80172
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&pr=un&bc=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669019697&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=80172 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
eb2.3lift.com/ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&cta_render_method=1&cta_render_text=&cb=33144
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&cta_render_method=1&cta_render_text=&cb=33144
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&cta_render_method=1&cta_render_text=&cb=33144 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
eb2.3lift.com/aop?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&pr=un&bc=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669019697&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=38951
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/aop?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&pr=un&bc=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669019697&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=38951
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /aop?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&pr=un&bc=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669019697&bcud=10&ss=12&caid=0&unid=0&domain=www.dramacool9.co&ref=https%253A%252F%252Fwww.dramacool9.co%252F&rr=creative&fid=10&rb=0&g=0&cb=38951 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
tlx.3lift.com/header/notify?px=1&pr=0.008&ts=1669019697&aid=9480596171993319908480&ec=2711_67911_11235855&n=GoYFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD1hRlg5d3V4QS1uMmFJNC1kNW1za1lNMVNaUzFsYXQxR25US1N6VXU2cDN5eHJuRVdycS1rTkw3SVdLbDFQX0oyTldyUzF0anhxX2RrY2p4WnZaV0djOW51SGJfZVE5REtJTDNzQlNRT2E4SEwyTU5aZzJlNThna3VOMzRuMG5CeGoxZGgydURfZXUxVXNBdEZoSm9xZUZjUHN6UG1ybFZaT1hkOWFMenFvemZ2VXRvdk9kRXd6dUV0VWM4QlVlanU1cGQ4OW1UWUhKUWpUVlRGamgyQzZvTVMyclc0RDMzRTRmRlp3eFRMWmdLdXE2aVdreWRqWVc2YVNRbVZ3UTJfWXNIdlNqem1ZWGl2ZGNtRmU3WHRLYnV6TnBVNEVqM3BtdlRSZjVLMVBXQm1pWmFURl9VWmxIeXlGczVreVNWRzRHMVgxVTVlYnItZ0V0eWxRRXNnWlZBa2dBOW4yc1ctZExCZW52RExGdzlqSDNxenAtQW1iVTFvb2hnU0NiTkdPem5QRU5KNnRvRGx6a3NkOXBMLWFBUy1OVmVkX256Nk1fTFRJbGx3bTcxNU1hQlA1R2JDemxtZUFROVBDSUw5T0ZmZWFwZkhmVFpSUG5LZTV1M2lrMG5kNjFJcHVGTGZ2QlVDcThQX0lmVVBHU1Z3V21XaHNPNFhIM05yd2s5V1R0UUhxNW5pN3dsZlpNaGtxMjdSQmNBUHFyWS1NWXlNR3RHdG9EaGlPUThkakFMbHNQYWxuQfICvQEIABIWOTQ4MDU5NjE3MTk5MzMxOTkwODQ4MBgAIAEolxUwx5IEQAFIAFABYApoAHCqiR2QAQCYAQCoAQC4AQXAAQjIAQrwAQD4AQqAAgiRAgAAAAAAAPA%2FmQIzMzMzMzPDP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Av84gAOgAYgD2ASQAwCYAwCgAwC4A4bFAsgDANIDCDExMjM1ODU14AODu4Ep6QMAAAAAAAAAAPADCvkDAAAAAAAAAAD4AgyCA6sBaHR0cHM6Ly9wb3N0LnVwZGF0ZS4zbGlmdC5jb20vMi81OTY5MTgvaW1wcmVzc2lvbj90aT05NDgwNTk2MTcxOTkzMzE5OTA4NDgwJmNiPTE2NjkwMTk2OTcmaXA9OTEuOTAuNDIuMTU0JmR0PTU5NjkxODE1MjA5NTEzNjczNjEwMDAmcHY9OWQyN2E2ZTctNzk4NS00YmM2LWFjNGYtYmUyYTMyOTE4YjFmiAMAkgMEMDEzYpgDAKAD7sERqAMA&b=1
3.67.212.83200 OK 37 B URL HTTP/2 tlx.3lift.com/header/notify?px=1&pr=0.008&ts=1669019697&aid=9480596171993319908480&ec=2711_67911_11235855&n=GoYFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD1hRlg5d3V4QS1uMmFJNC1kNW1za1lNMVNaUzFsYXQxR25US1N6VXU2cDN5eHJuRVdycS1rTkw3SVdLbDFQX0oyTldyUzF0anhxX2RrY2p4WnZaV0djOW51SGJfZVE5REtJTDNzQlNRT2E4SEwyTU5aZzJlNThna3VOMzRuMG5CeGoxZGgydURfZXUxVXNBdEZoSm9xZUZjUHN6UG1ybFZaT1hkOWFMenFvemZ2VXRvdk9kRXd6dUV0VWM4QlVlanU1cGQ4OW1UWUhKUWpUVlRGamgyQzZvTVMyclc0RDMzRTRmRlp3eFRMWmdLdXE2aVdreWRqWVc2YVNRbVZ3UTJfWXNIdlNqem1ZWGl2ZGNtRmU3WHRLYnV6TnBVNEVqM3BtdlRSZjVLMVBXQm1pWmFURl9VWmxIeXlGczVreVNWRzRHMVgxVTVlYnItZ0V0eWxRRXNnWlZBa2dBOW4yc1ctZExCZW52RExGdzlqSDNxenAtQW1iVTFvb2hnU0NiTkdPem5QRU5KNnRvRGx6a3NkOXBMLWFBUy1OVmVkX256Nk1fTFRJbGx3bTcxNU1hQlA1R2JDemxtZUFROVBDSUw5T0ZmZWFwZkhmVFpSUG5LZTV1M2lrMG5kNjFJcHVGTGZ2QlVDcThQX0lmVVBHU1Z3V21XaHNPNFhIM05yd2s5V1R0UUhxNW5pN3dsZlpNaGtxMjdSQmNBUHFyWS1NWXlNR3RHdG9EaGlPUThkakFMbHNQYWxuQfICvQEIABIWOTQ4MDU5NjE3MTk5MzMxOTkwODQ4MBgAIAEolxUwx5IEQAFIAFABYApoAHCqiR2QAQCYAQCoAQC4AQXAAQjIAQrwAQD4AQqAAgiRAgAAAAAAAPA%2FmQIzMzMzMzPDP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Av84gAOgAYgD2ASQAwCYAwCgAwC4A4bFAsgDANIDCDExMjM1ODU14AODu4Ep6QMAAAAAAAAAAPADCvkDAAAAAAAAAAD4AgyCA6sBaHR0cHM6Ly9wb3N0LnVwZGF0ZS4zbGlmdC5jb20vMi81OTY5MTgvaW1wcmVzc2lvbj90aT05NDgwNTk2MTcxOTkzMzE5OTA4NDgwJmNiPTE2NjkwMTk2OTcmaXA9OTEuOTAuNDIuMTU0JmR0PTU5NjkxODE1MjA5NTEzNjczNjEwMDAmcHY9OWQyN2E2ZTctNzk4NS00YmM2LWFjNGYtYmUyYTMyOTE4YjFmiAMAkgMEMDEzYpgDAKAD7sERqAMA&b=1
IP 3.67.212.83:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /header/notify?px=1&pr=0.008&ts=1669019697&aid=9480596171993319908480&ec=2711_67911_11235855&n=GoYFaHR0cDovL3J0Yi5mci5ldS5jcml0ZW8uY29tL3RyaXBsZWxpZnRvcnRiYmFubmVyL2F1Y3Rpb24vbm90aWZ5P3Byb2ZpbGU9Mjc4JmltcD1hRlg5d3V4QS1uMmFJNC1kNW1za1lNMVNaUzFsYXQxR25US1N6VXU2cDN5eHJuRVdycS1rTkw3SVdLbDFQX0oyTldyUzF0anhxX2RrY2p4WnZaV0djOW51SGJfZVE5REtJTDNzQlNRT2E4SEwyTU5aZzJlNThna3VOMzRuMG5CeGoxZGgydURfZXUxVXNBdEZoSm9xZUZjUHN6UG1ybFZaT1hkOWFMenFvemZ2VXRvdk9kRXd6dUV0VWM4QlVlanU1cGQ4OW1UWUhKUWpUVlRGamgyQzZvTVMyclc0RDMzRTRmRlp3eFRMWmdLdXE2aVdreWRqWVc2YVNRbVZ3UTJfWXNIdlNqem1ZWGl2ZGNtRmU3WHRLYnV6TnBVNEVqM3BtdlRSZjVLMVBXQm1pWmFURl9VWmxIeXlGczVreVNWRzRHMVgxVTVlYnItZ0V0eWxRRXNnWlZBa2dBOW4yc1ctZExCZW52RExGdzlqSDNxenAtQW1iVTFvb2hnU0NiTkdPem5QRU5KNnRvRGx6a3NkOXBMLWFBUy1OVmVkX256Nk1fTFRJbGx3bTcxNU1hQlA1R2JDemxtZUFROVBDSUw5T0ZmZWFwZkhmVFpSUG5LZTV1M2lrMG5kNjFJcHVGTGZ2QlVDcThQX0lmVVBHU1Z3V21XaHNPNFhIM05yd2s5V1R0UUhxNW5pN3dsZlpNaGtxMjdSQmNBUHFyWS1NWXlNR3RHdG9EaGlPUThkakFMbHNQYWxuQfICvQEIABIWOTQ4MDU5NjE3MTk5MzMxOTkwODQ4MBgAIAEolxUwx5IEQAFIAFABYApoAHCqiR2QAQCYAQCoAQC4AQXAAQjIAQrwAQD4AQqAAgiRAgAAAAAAAPA%2FmQIzMzMzMzPDP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Av84gAOgAYgD2ASQAwCYAwCgAwC4A4bFAsgDANIDCDExMjM1ODU14AODu4Ep6QMAAAAAAAAAAPADCvkDAAAAAAAAAAD4AgyCA6sBaHR0cHM6Ly9wb3N0LnVwZGF0ZS4zbGlmdC5jb20vMi81OTY5MTgvaW1wcmVzc2lvbj90aT05NDgwNTk2MTcxOTkzMzE5OTA4NDgwJmNiPTE2NjkwMTk2OTcmaXA9OTEuOTAuNDIuMTU0JmR0PTU5NjkxODE1MjA5NTEzNjczNjEwMDAmcHY9OWQyN2E2ZTctNzk4NS00YmM2LWFjNGYtYmUyYTMyOTE4YjFmiAMAkgMEMDEzYpgDAKAD7sERqAMA&b=1 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dbe50db03251c5202e89ea4c6a4e0baf
76771f72d2e43fb34b0edf6673f6a105394be37e
f2737c864e6415e2041f4a1317640da5445d9e35cab05fc4a75718cd04c5f181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2737C864E6415E2041F4A1317640DA5445D9E35CAB05FC4A75718CD04C5F181"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5092
Expires: Mon, 21 Nov 2022 09:59:51 GMT
Date: Mon, 21 Nov 2022 08:34:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 8928d7b746b6566fe12602d1d1e40865
4ba3b035d50a2706b446c90f5b5a3ac03b3c1fdc
0b8d328210f2d02ee22f5aa60c23b0f505bc6422bb9f63c8f3806fbe68dc9841
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5915
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:59 GMT
Last-Modified: Mon, 21 Nov 2022 06:56:24 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
s.update.3lift.com/2/596918/analytics.js?pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&to=3&ai=476330&pp=11793&si=8936902&sr=12&pc=286958&di=dramacool9.co&dm=160x600&md=1>=3144096&c1=2711&c2=67911&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000
18.203.213.28200 OK 2.9 kB URL HTTP/1.1 s.update.3lift.com/2/596918/analytics.js?pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&to=3&ai=476330&pp=11793&si=8936902&sr=12&pc=286958&di=dramacool9.co&dm=160x600&md=1>=3144096&c1=2711&c2=67911&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000
IP 18.203.213.28:0
File type ASCII text, with very long lines (5506)
Hash bf2146e9a63a15180ee76b565a150d47
4ef246499fe74bceed358e7e0d276f4fc63518e1
02202f58b5b42c421439375d1251480fb0ce99c9dcc8dd60cb809e47e2a8db01
GET /2/596918/analytics.js?pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&to=3&ai=476330&pp=11793&si=8936902&sr=12&pc=286958&di=dramacool9.co&dm=160x600&md=1>=3144096&c1=2711&c2=67911&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000 HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:58 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2887
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Vary: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Pragma: no-cache
Expires: 0
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Content-Encoding: gzip
mp.4dex.io/prebid
104.18.2.114200 OK 601 B IP 104.18.2.114:0
Hash e84a8ab8f3d66fe5298b6d3ef13fe3da
41b991e72f36ab21da1bf55c2d91eb3f2395c35c
2c181121743895a539beaf190dd72f61f1c3abab5ea2720e4c5b0e03fd95a97a
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1764
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76d816d5c85f0b41-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d9afe0ae0199aff69fefbe5a55490d31
126f648ad266469bf531b5c08f7f71a973d0eeb0
105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 392451
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:53:49 GMT
expires: Thu, 16 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 394870
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d9afe0ae0199aff69fefbe5a55490d31
126f648ad266469bf531b5c08f7f71a973d0eeb0
105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.update.3lift.com/2/2.82.0/main.js
18.203.213.28200 OK 54 kB URL HTTP/1.1 s.update.3lift.com/2/2.82.0/main.js
IP 18.203.213.28:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 86ff86a4a5293380d34c61d8be80b9f3
28e21bfe783999b939bc1ed7e2ac5a435943db88
06a97f9259f519c690ae50661fd5a134aba928867562f142dd69c7d853e49b2f
GET /2/2.82.0/main.js HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:58 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 54050
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Cache-Control: public, no-transform, immutable, max-age=999999999
Expires: Thu, 30 Jul 2054 08:09:40 GMT
Vary: Origin, Accept-Encoding
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Content-Encoding: br
s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?oz_pl=1&md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&_x=1
18.203.213.28200 OK 0 B URL HTTP/1.1 s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?oz_pl=1&md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&_x=1
IP 18.203.213.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?oz_pl=1&md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&_x=1 HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 29
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:59 GMT
Content-Length: 0
Timing-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Origin: *
odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fwww.dramacool9.co%2F&idx=0&rand=84252&key=H12ME1OGI4M4PLMMGPJ01MHAC&widgetJSId=AR_2&va=true&et=true&format=html&rtbEnabled=true&adblck=false&abwl=false&extid=1612402&pubImpId=1106e96d1ce29908&px=0&py=0&vpd=0&cnsntv2=CPi0DH4Pi0DH4BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=970&activeTab=true&darkMode=false&ab=0&wl=00&settings=true&recs=true&version=2000952&sig=2ZHux8x4&apv=false&false&osLang=en-US&winW=970&winH=90&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&ogn=https%3A%2F%2Fwww.dramacool9.co%2F
151.101.86.132200 OK 14 kB URL HTTP/2 odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fwww.dramacool9.co%2F&idx=0&rand=84252&key=H12ME1OGI4M4PLMMGPJ01MHAC&widgetJSId=AR_2&va=true&et=true&format=html&rtbEnabled=true&adblck=false&abwl=false&extid=1612402&pubImpId=1106e96d1ce29908&px=0&py=0&vpd=0&cnsntv2=CPi0DH4Pi0DH4BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=970&activeTab=true&darkMode=false&ab=0&wl=00&settings=true&recs=true&version=2000952&sig=2ZHux8x4&apv=false&false&osLang=en-US&winW=970&winH=90&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&ogn=https%3A%2F%2Fwww.dramacool9.co%2F
IP 151.101.86.132:0
File type Unicode text, UTF-8 text, with very long lines (51099), with no line terminators
Hash 2c7d7b039cae04335566c9998184bd37
2d3435797b00879402c2fc7d1241da138a255bca
1b5ed1f65eebe22ad600a194e60ea2142a55ccbcd5491a827ac37ae1c79ed2c5
GET /utils/platforms?contentUrl=https%3A%2F%2Fwww.dramacool9.co%2F&idx=0&rand=84252&key=H12ME1OGI4M4PLMMGPJ01MHAC&widgetJSId=AR_2&va=true&et=true&format=html&rtbEnabled=true&adblck=false&abwl=false&extid=1612402&pubImpId=1106e96d1ce29908&px=0&py=0&vpd=0&cnsntv2=CPi0DH4Pi0DH4BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=970&activeTab=true&darkMode=false&ab=0&wl=00&settings=true&recs=true&version=2000952&sig=2ZHux8x4&apv=false&false&osLang=en-US&winW=970&winH=90&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&ogn=https%3A%2F%2Fwww.dramacool9.co%2F HTTP/1.1
Host: odb.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
pragma: no-cache
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
set-cookie: obsessionid-p178258=2d7205b8-1d7f-c179-0000-01849953890b|0|1; Max-Age=1800; Expires=Mon, 21 Nov 2022 09:04:59 GMT; Path=/; Domain=outbrain.com
recs_bed9fb41b2384a1e2839220c9256b95a=0B4392567789A4392563714ACD1; Max-Age=60; Expires=Mon, 21 Nov 2022 08:35:59 GMT; Path=/; Domain=outbrain.com
obuid=778f6138-fbe3-40b4-bae0-c55bd14a6859; Max-Age=7776000; Expires=Sun, 19 Feb 2023 08:34:59 GMT; Path=/; Domain=outbrain.com
x-traceid: f0575e40877924f095911a1531f78f94
content-encoding: gzip
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 21 Nov 2022 08:34:59 GMT
x-served-by: cache-lga21950-LGA, cache-bma1679-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669019699.411292,VS0,VE204
vary: Accept-Encoding, User-Agent
traffic-path: NYDC1, LGA, BMA, Europe1
content-length: 13650
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash f4e57292c9b38ede9d08b20ca03d0bd3
b84c41868f0fdf296def771a4b8a1b115327e424
3f38896ac21c8346289ceefc56036f925908946a23faeb5e895ac2589a397c6b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4167
Cache-Control: max-age=108687
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:59 GMT
Etag: "637a2d7b-138"
Expires: Tue, 22 Nov 2022 14:46:26 GMT
Last-Modified: Sun, 20 Nov 2022 13:36:59 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 312
s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?oz_pl=1&md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&_x=1
18.203.213.28200 OK 0 B URL HTTP/1.1 s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?oz_pl=1&md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&_x=1
IP 18.203.213.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?oz_pl=1&md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&_x=1 HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 23
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:59 GMT
Content-Length: 0
Timing-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2da0656fb619926aa09cc73016995538
c74fb0c53a1fad3cb6a9a2fa70279108b4efe550
b2eac8fdd7a2495879ba96c73f4ed14dff3774090defd2d2847258d1335c36e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2358
Cache-Control: max-age=136056
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:59 GMT
Etag: "637a9f75-139"
Expires: Tue, 22 Nov 2022 22:22:35 GMT
Last-Modified: Sun, 20 Nov 2022 21:43:17 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2da0656fb619926aa09cc73016995538
c74fb0c53a1fad3cb6a9a2fa70279108b4efe550
b2eac8fdd7a2495879ba96c73f4ed14dff3774090defd2d2847258d1335c36e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2299
Cache-Control: max-age=135997
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:59 GMT
Etag: "637a9f75-139"
Expires: Tue, 22 Nov 2022 22:21:36 GMT
Last-Modified: Sun, 20 Nov 2022 21:43:17 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2da0656fb619926aa09cc73016995538
c74fb0c53a1fad3cb6a9a2fa70279108b4efe550
b2eac8fdd7a2495879ba96c73f4ed14dff3774090defd2d2847258d1335c36e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2292
Cache-Control: max-age=135990
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:59 GMT
Etag: "637a9f75-139"
Expires: Tue, 22 Nov 2022 22:21:29 GMT
Last-Modified: Sun, 20 Nov 2022 21:43:17 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2da0656fb619926aa09cc73016995538
c74fb0c53a1fad3cb6a9a2fa70279108b4efe550
b2eac8fdd7a2495879ba96c73f4ed14dff3774090defd2d2847258d1335c36e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2358
Cache-Control: max-age=136056
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:59 GMT
Etag: "637a9f75-139"
Expires: Tue, 22 Nov 2022 22:22:35 GMT
Last-Modified: Sun, 20 Nov 2022 21:43:17 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2da0656fb619926aa09cc73016995538
c74fb0c53a1fad3cb6a9a2fa70279108b4efe550
b2eac8fdd7a2495879ba96c73f4ed14dff3774090defd2d2847258d1335c36e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2299
Cache-Control: max-age=135997
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:34:59 GMT
Etag: "637a9f75-139"
Expires: Tue, 22 Nov 2022 22:21:36 GMT
Last-Modified: Sun, 20 Nov 2022 21:43:17 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
ads.eu.criteo.com/delivery/r/afr.php?z=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ==&u=%7CtvThQWG3ZKJ4%2Bq6j%2B4Ol513I%2FhM5vnqlmSJQBYJX7YA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxHTOMJWEDwUnlbfwVqL4ZscpMbenZwTYMrH5aTh-_ZH0iTlkP7aM046hVRG5tQLo_DsHFIY6wbJJAo-oz3veFSxjda4SgNpeFpdDwR1NUFLWlI6nQXz7jX3K6ky7WiLm6nAFMTxGMEvDM2MeBS4mMGv39gWrd_cEXxet5SvB_LWiqt_501A9oZGDzxkN-nxCyi7diZvrmLYvM1UpFXJMhF6lmvKdWXoXb0OG2nzBKK4IIaWaRlao9dg2AJ82HlXwHmXhNkZu2KLZibG8QSV9bF4YVEyiXGpUBpnmxvkFb-Pr2KUdR-6xUD0WhNBSB5gaDg7JoihNWyHgRvc0cRLINx1oSoYEiKAccb_g_s25TmGIsX6hAHZtMoU4Z5yfZ62A1xTYXSWear1dgS97mZhNGjpHRVCCu2AMaoKwBS8PiYN2xKxX3pFlEoivbzYWzSFk33c07QQgqPUVewqvyBltuh9jt9NMh3LMFCvOsz9KHaTB1SKl9B216-vkojy6-4ucjvsDMZFFa3ToUyH4JBJyp_UZ1jliw525_s_jjIHqjFAutYFwBPXwcBcYtrfcj-EeGsM3Nh2GmbIUjdTuNfM_YAg&ct0=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DPurpleads_RON_Banner_HDX_Prebid%26aid%3D9480596171993319908480%26rev%3D6be1393%26pr%3D0.008%26bc%3DAAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%253D%253D%26bmid%3D2711%26biid%3D7295%26sid%3D67911%26brid%3D476330%26adid%3D11235855%26crid%3D86007171%26ts%3D1669019697%26bcud%3D10%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D21019%26rdir%3D
178.250.2.65200 OK 60 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ==&u=%7CtvThQWG3ZKJ4%2Bq6j%2B4Ol513I%2FhM5vnqlmSJQBYJX7YA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxHTOMJWEDwUnlbfwVqL4ZscpMbenZwTYMrH5aTh-_ZH0iTlkP7aM046hVRG5tQLo_DsHFIY6wbJJAo-oz3veFSxjda4SgNpeFpdDwR1NUFLWlI6nQXz7jX3K6ky7WiLm6nAFMTxGMEvDM2MeBS4mMGv39gWrd_cEXxet5SvB_LWiqt_501A9oZGDzxkN-nxCyi7diZvrmLYvM1UpFXJMhF6lmvKdWXoXb0OG2nzBKK4IIaWaRlao9dg2AJ82HlXwHmXhNkZu2KLZibG8QSV9bF4YVEyiXGpUBpnmxvkFb-Pr2KUdR-6xUD0WhNBSB5gaDg7JoihNWyHgRvc0cRLINx1oSoYEiKAccb_g_s25TmGIsX6hAHZtMoU4Z5yfZ62A1xTYXSWear1dgS97mZhNGjpHRVCCu2AMaoKwBS8PiYN2xKxX3pFlEoivbzYWzSFk33c07QQgqPUVewqvyBltuh9jt9NMh3LMFCvOsz9KHaTB1SKl9B216-vkojy6-4ucjvsDMZFFa3ToUyH4JBJyp_UZ1jliw525_s_jjIHqjFAutYFwBPXwcBcYtrfcj-EeGsM3Nh2GmbIUjdTuNfM_YAg&ct0=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DPurpleads_RON_Banner_HDX_Prebid%26aid%3D9480596171993319908480%26rev%3D6be1393%26pr%3D0.008%26bc%3DAAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%253D%253D%26bmid%3D2711%26biid%3D7295%26sid%3D67911%26brid%3D476330%26adid%3D11235855%26crid%3D86007171%26ts%3D1669019697%26bcud%3D10%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D21019%26rdir%3D
IP 178.250.2.65:0
Hash 5ae2c169d8dc8c446f069dae021a1ae0
ff43f47adadeb80c9eb205227de30fef39284ff4
2c774a1551bb2630b5ece5d30e4d3c1eac1a2765eb7795451a9c60e4bfdcecdb
GET /delivery/r/afr.php?z=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ==&u=%7CtvThQWG3ZKJ4%2Bq6j%2B4Ol513I%2FhM5vnqlmSJQBYJX7YA%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxHTOMJWEDwUnlbfwVqL4ZscpMbenZwTYMrH5aTh-_ZH0iTlkP7aM046hVRG5tQLo_DsHFIY6wbJJAo-oz3veFSxjda4SgNpeFpdDwR1NUFLWlI6nQXz7jX3K6ky7WiLm6nAFMTxGMEvDM2MeBS4mMGv39gWrd_cEXxet5SvB_LWiqt_501A9oZGDzxkN-nxCyi7diZvrmLYvM1UpFXJMhF6lmvKdWXoXb0OG2nzBKK4IIaWaRlao9dg2AJ82HlXwHmXhNkZu2KLZibG8QSV9bF4YVEyiXGpUBpnmxvkFb-Pr2KUdR-6xUD0WhNBSB5gaDg7JoihNWyHgRvc0cRLINx1oSoYEiKAccb_g_s25TmGIsX6hAHZtMoU4Z5yfZ62A1xTYXSWear1dgS97mZhNGjpHRVCCu2AMaoKwBS8PiYN2xKxX3pFlEoivbzYWzSFk33c07QQgqPUVewqvyBltuh9jt9NMh3LMFCvOsz9KHaTB1SKl9B216-vkojy6-4ucjvsDMZFFa3ToUyH4JBJyp_UZ1jliw525_s_jjIHqjFAutYFwBPXwcBcYtrfcj-EeGsM3Nh2GmbIUjdTuNfM_YAg&ct0=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DPurpleads_RON_Banner_HDX_Prebid%26aid%3D9480596171993319908480%26rev%3D6be1393%26pr%3D0.008%26bc%3DAAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%253D%253D%26bmid%3D2711%26biid%3D7295%26sid%3D67911%26brid%3D476330%26adid%3D11235855%26crid%3D86007171%26ts%3D1669019697%26bcud%3D10%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D21019%26rdir%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=thBdGB7jCZs5r2TrCIcObT0dy3sGs_VQeV7JBRun6SGvhWdnbr5O22-AD88G106OigUQdjUaWwPqcWR1YjLRH2oowXvsDTu3zNxzeRaGtWUy4rtQj0HiraeNzTMyrPzYONnLIdEEGgD_38jAyXEcp4KP5MOosz63tfqTDuY9qEXKocDdC7PAeQGi-BhDaKWEVrhywkb95pnw84Aqx6pv1nUjul21WTTwplAE-TZw3WTyS41tLYUYmrPeIL484IH7j9vW2gcjxYMt9C8o"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 94114571
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/externals/cookie/put.html
23.38.201.81200 OK 416 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/cookie/put.html
IP 23.38.201.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c0311cf15c21ddda054005e92fad3f9e
5276eceeb0576cbee82010f611dfd6fd305991f9
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
GET /nanoWidget/externals/cookie/put.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1668678545.516071"
last-modified: Thu, 17 Nov 2022 09:15:33 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=604800
expires: Mon, 28 Nov 2022 08:34:59 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=778f6138-fbe3-40b4-bae0-c55bd14a6859
23.38.201.81200 OK 686 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=778f6138-fbe3-40b4-bae0-c55bd14a6859
IP 23.38.201.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5b97ec90c55f5357b412825e5e67525a
7dd2ad14245380a730735d18b06346dcbb7aa254
ee4237548288e67df37898219464bc7bd57bf2eb4238a627dcbbb15815090037
GET /nanoWidget/externals/obUserFrame/test.html?lsd=778f6138-fbe3-40b4-bae0-c55bd14a6859 HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "1e015194a0e596827cb8971f884eb43c:1668678549.274809"
last-modified: Thu, 17 Nov 2022 09:15:33 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Mon, 28 Nov 2022 08:34:59 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
content-length: 686
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.2.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Thu, 16 Nov 2023 08:34:59 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
widgets.outbrain.com/widgetOBUserSync/obUserSync.html
23.38.201.81200 OK 5.9 kB URL HTTP/2 widgets.outbrain.com/widgetOBUserSync/obUserSync.html
IP 23.38.201.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18153)
Hash 5928244ce30d46c9711e45d93accee88
d3c363e73a369ea78cdbfbc1e083560dcceeefa9
80794a13d3bee288d87c8a52a9d1d946d237068ecd2bbf28e855a6abb4bbeeb2
GET /widgetOBUserSync/obUserSync.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "eb6f12a90369cd1799e9dcdcbd9865cc:1668326737.095418"
last-modified: Sun, 13 Nov 2022 07:59:33 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Mon, 28 Nov 2022 08:34:59 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
content-length: 5873
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/2000952/module/userZapping.js?e=1
23.38.201.81200 OK 7.0 kB URL HTTP/2 widgets.outbrain.com/nanoWidget/2000952/module/userZapping.js?e=1
IP 23.38.201.81:0
File type ASCII text, with very long lines (13900)
Hash 048bc52cc9ce848925fcf702c23eea7c
85d1758445671cbf5d052b46ceb8cd645de9d4cb
ee1c2e2fea306e9cab6498b64bb53936c5d551c8e7293c78a4676a330fbcebcb
GET /nanoWidget/2000952/module/userZapping.js?e=1 HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "0abf1860b83caed7948295363d7ab2fe:1668678454.324625"
last-modified: Thu, 17 Nov 2022 09:17:44 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Mon, 28 Nov 2022 08:34:59 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
content-length: 6997
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/Close.svg
23.38.201.81200 OK 765 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/Close.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (635)
Hash f740f788e2e26736856f7a3a12457a63
d0ec57a47f6a40f23011dd93219873a5eaee96e2
c2c92cde33538b1187bedea3d0b6d5141e4222eba8092476339aa080cee759ac
GET /images/widgetIcons/Close.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "f740f788e2e26736856f7a3a12457a63:1662969029.343348"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 765
cache-control: max-age=2592000
expires: Wed, 21 Dec 2022 08:34:59 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
23.38.201.81200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Wed, 21 Dec 2022 08:34:59 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019699770&oz_l=131&cv=3
18.203.213.28200 OK 0 B URL HTTP/1.1 s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019699770&oz_l=131&cv=3
IP 18.203.213.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019699770&oz_l=131&cv=3 HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 135
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:59 GMT
Content-Length: 0
Timing-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Origin: *
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:26:57 GMT
expires: Thu, 16 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 392882
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/externals/cookie/test.html
23.38.201.81200 OK 610 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/cookie/test.html
IP 23.38.201.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 48053d50141031b1511dbd30f9a31288
06966364d22a02a4ed89c18c38d6ddfc6de254c6
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
GET /nanoWidget/externals/cookie/test.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1668678546.302743"
last-modified: Thu, 17 Nov 2022 09:15:33 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=604800
expires: Mon, 28 Nov 2022 08:34:59 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700024&oz_l=3684&cv=3
18.203.213.28200 OK 0 B URL HTTP/1.1 s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700024&oz_l=3684&cv=3
IP 18.203.213.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700024&oz_l=3684&cv=3 HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3688
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:59 GMT
Content-Length: 0
Timing-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Origin: *
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP 142.250.74.10:0
Hash 6e3c739bd2d245642e2c061b224ca49b
15e610e2230e34dda0b5f03868b17e226b4b92a7
230406ea9c69f5ad343d902dfe7b7a390f111bcfa188c4d854a5b09adc471a3c
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 21 Nov 2022 08:34:59 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 953f498cb8b8c5d21cfc9c20a4e8a384
964339e0dcf806016b4f389355a96a55453fce73
30d7ffa18d3ad875aea78531ac717f54d83e2624e764ce071130ed58640d5fff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4793
Cache-Control: max-age=102140
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:35:00 GMT
Etag: "637a1177-139"
Expires: Tue, 22 Nov 2022 12:57:20 GMT
Last-Modified: Sun, 20 Nov 2022 11:37:27 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 953f498cb8b8c5d21cfc9c20a4e8a384
964339e0dcf806016b4f389355a96a55453fce73
30d7ffa18d3ad875aea78531ac717f54d83e2624e764ce071130ed58640d5fff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4859
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:35:00 GMT
Last-Modified: Mon, 21 Nov 2022 07:14:01 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
images.outbrainimg.com/transform/v3/eyJpdSI6ImZkOTY3OTZiM2M5MjdlMjBiZDFlMDExZWYzYmY2YzhlZGNlNjFjYTJmNDAwZWQwNDQ5MmE2YWQ2YTFkNmZhMzEiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
23.38.201.176200 OK 8.6 kB URL HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6ImZkOTY3OTZiM2M5MjdlMjBiZDFlMDExZWYzYmY2YzhlZGNlNjFjYTJmNDAwZWQwNDQ5MmE2YWQ2YTFkNmZhMzEiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
IP 23.38.201.176:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x150, components 3\012- data
Hash 9c0761ad0c64c75e41fbbc1e1a1330aa
dd4f5197f6e6169d630058187606de9b96f3639e
07abf95ca510771fa34a5483d08ecb6868807a3940488b62e6cba40e8db7197a
GET /transform/v3/eyJpdSI6ImZkOTY3OTZiM2M5MjdlMjBiZDFlMDExZWYzYmY2YzhlZGNlNjFjYTJmNDAwZWQwNDQ5MmE2YWQ2YTFkNmZhMzEiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 8616
last-modified: Fri, 07 Oct 2022 17:37:23 GMT
x-traceid: 298a9d4b60f4e7d9301fe088e2491059
cache-control: max-age=2192890
date: Mon, 21 Nov 2022 08:35:00 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 953f498cb8b8c5d21cfc9c20a4e8a384
964339e0dcf806016b4f389355a96a55453fce73
30d7ffa18d3ad875aea78531ac717f54d83e2624e764ce071130ed58640d5fff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4859
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:35:00 GMT
Last-Modified: Mon, 21 Nov 2022 07:14:01 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 953f498cb8b8c5d21cfc9c20a4e8a384
964339e0dcf806016b4f389355a96a55453fce73
30d7ffa18d3ad875aea78531ac717f54d83e2624e764ce071130ed58640d5fff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4793
Cache-Control: max-age=102140
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:35:00 GMT
Etag: "637a1177-139"
Expires: Tue, 22 Nov 2022 12:57:20 GMT
Last-Modified: Sun, 20 Nov 2022 11:37:27 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
images.outbrainimg.com/transform/v3/eyJpdSI6ImE5MWJjMTVkZmE0N2I3NDI4NmQ3YzA5MmVhNGNkZmZmZDY4MjdlZjc0NWViNzY3NzYzMjNiOGEyOTZmNjM4NzQiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
23.38.201.176200 OK 12 kB URL HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6ImE5MWJjMTVkZmE0N2I3NDI4NmQ3YzA5MmVhNGNkZmZmZDY4MjdlZjc0NWViNzY3NzYzMjNiOGEyOTZmNjM4NzQiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
IP 23.38.201.176:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x150, components 3\012- data
Hash 3f24b7d260b197b4494142f58bc0f5fb
5d179eda2ee53333d67ee8105aac71253564c52e
9ec448011b2031be865cd4655a43d949071b21db8d0ea6e8951e4a3131062558
GET /transform/v3/eyJpdSI6ImE5MWJjMTVkZmE0N2I3NDI4NmQ3YzA5MmVhNGNkZmZmZDY4MjdlZjc0NWViNzY3NzYzMjNiOGEyOTZmNjM4NzQiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 11577
last-modified: Sat, 01 Oct 2022 13:34:09 GMT
x-traceid: 48eaccb78428aa04a32c9c292a8ef718
cache-control: max-age=1753240
date: Mon, 21 Nov 2022 08:35:00 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ffarah%2F1300x1700%2Fahf4wf60d8_cnavy.jpg&v=3&w=400&s=VemFyXx8jmqlPYQmRviKbM3C&b=400
178.250.0.139200 OK 5.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ffarah%2F1300x1700%2Fahf4wf60d8_cnavy.jpg&v=3&w=400&s=VemFyXx8jmqlPYQmRviKbM3C&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 331x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 405e3f637aecd30e31fd9be9339eb0a9
36b901d8b8ac7046ef61e6ebc0c51dd439fc5371
bd7d4cf716eb9e8bee3d6afae5c2338506066e9667c588a19d17b604d45c1271
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ffarah%2F1300x1700%2Fahf4wf60d8_cnavy.jpg&v=3&w=400&s=VemFyXx8jmqlPYQmRviKbM3C&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31188578
expires: Fri, 17 Nov 2023 08:04:38 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4956
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftretorn%2F1300x1700%2Ftre473379_c014blackblack_v014.jpg&v=3&w=400&s=DlSPlIjQNtCx7o7YfxSi-Lct&b=400
178.250.0.139200 OK 7.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftretorn%2F1300x1700%2Ftre473379_c014blackblack_v014.jpg&v=3&w=400&s=DlSPlIjQNtCx7o7YfxSi-Lct&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 395x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b9c81c2c7b20b7946e8ca6fdf2582e18
be0bfe0cf3f3a56b62b660f0cf538e73cba30252
09f51698f3f045a5ea09186d1304c3035c2e1db33bbdc833d805a5155126ffa7
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftretorn%2F1300x1700%2Ftre473379_c014blackblack_v014.jpg&v=3&w=400&s=DlSPlIjQNtCx7o7YfxSi-Lct&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29378763
expires: Fri, 27 Oct 2023 09:21:03 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7092
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/icon-vi.svg
23.38.201.81200 OK 182 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/icon-vi.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c065312fdb5e02c1399f2622776530df
785d98e9025f7b5cd7e2bd4f80098e44cda01ebf
b9e07d8e5143b4764aeebb012b1b020f60eb1cdca44ed1bc22ba9bc85f3af5eb
GET /images/widgetIcons/icon-vi.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "91990280dce13a095a0da3a6b2fc6816:1662969041.773759"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 182
cache-control: max-age=2592000
expires: Wed, 21 Dec 2022 08:35:00 GMT
date: Mon, 21 Nov 2022 08:35:00 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/BlockBlue.svg
23.38.201.81200 OK 566 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/BlockBlue.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (462)
Hash 67fffe0e5c5262bfb3fb57a8d8d69fbf
2731fbd0437ec9e215e9e3847908ce93f866ed6c
e72f0926b3418896301bda925b636ad884f5bf18f54308383ae77522ca5cd9a2
GET /images/widgetIcons/BlockBlue.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "67fffe0e5c5262bfb3fb57a8d8d69fbf:1662969027.986981"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 566
cache-control: max-age=2592000
expires: Wed, 21 Dec 2022 08:35:00 GMT
date: Mon, 21 Nov 2022 08:35:00 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/ChevronRight.svg
23.38.201.81200 OK 524 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/ChevronRight.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (422)
Hash c1dc41410784b37a37e29a21baf9aa1f
9b1a4b46b77322f217c3395e32bbb177199c327c
f8d6148b07b2251c53a2605a003b1d29babb8154c5abd0bde0f7e8a800f2dfd9
GET /images/widgetIcons/ChevronRight.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "c1dc41410784b37a37e29a21baf9aa1f:1662969028.698646"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 524
cache-control: max-age=2592000
expires: Wed, 21 Dec 2022 08:35:00 GMT
date: Mon, 21 Nov 2022 08:35:00 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/icon-x-white.svg
23.38.201.81200 OK 559 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/icon-x-white.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (363)
Hash 854eb39a3d94a8ec9977261db0c8acc8
ef852997961f946b34e996504912b0606e4c6593
06ffd9e17bd41822b9a7b982a8ff486fafa54f7781baacb6ef3507ae7f9b36b5
GET /images/widgetIcons/icon-x-white.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "854eb39a3d94a8ec9977261db0c8acc8:1662969042.351779"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 559
cache-control: max-age=2592000
expires: Wed, 21 Dec 2022 08:35:00 GMT
date: Mon, 21 Nov 2022 08:35:00 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1942517201_cblack.jpg&v=3&w=400&s=fLIVTdbVj-JiDiA_bXmPvdIb&b=400
178.250.0.139200 OK 5.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1942517201_cblack.jpg&v=3&w=400&s=fLIVTdbVj-JiDiA_bXmPvdIb&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x197, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2f0573fc61495c2033049638848c0399
d3b41e2fad899d7350d41de49e95f9d659f6e456
ab719ca97942999c4665269a6d9008d1941bd018cd097508ee42f0ef3d1d7ea9
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1942517201_cblack.jpg&v=3&w=400&s=fLIVTdbVj-JiDiA_bXmPvdIb&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30491340
expires: Thu, 09 Nov 2023 06:24:00 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5272
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e9505ac07d6f84f9bed85845cf5e3881
6b17485dd010d4685f844dab4f7340688fb8554f
9c033911bc57c94de8fb99695aa047149dc39ecdf1bde16421ab726aae3661d7
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5396
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:35:00 GMT
Last-Modified: Mon, 21 Nov 2022 07:05:04 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221028%2Fe3cac302924a4ba6ac387055db345425_img_vertical_1.jpg&v=3&w=1200&s=Y36D1szgDdBeW8cyMta5BE-j
178.250.0.139200 OK 69 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221028%2Fe3cac302924a4ba6ac387055db345425_img_vertical_1.jpg&v=3&w=1200&s=Y36D1szgDdBeW8cyMta5BE-j
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 30b910487228d56c46bde31d9a655254
eff48608d1c1e8b7e3dc9c54078690845b7954a9
500eacb34e20b6106834de1031c88f4c3a0461754849f4933d4a1a647f82c2cf
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221028%2Fe3cac302924a4ba6ac387055db345425_img_vertical_1.jpg&v=3&w=1200&s=Y36D1szgDdBeW8cyMta5BE-j HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29351665
expires: Fri, 27 Oct 2023 01:49:25 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 69402
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flyle-scott%2F1300x1700%2Fylekn1455v_cgalaredmarl_vz824.jpg&v=3&w=400&s=uaOPxzlGp26AhrEbmcZGod_-&b=400
178.250.0.139200 OK 6.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flyle-scott%2F1300x1700%2Fylekn1455v_cgalaredmarl_vz824.jpg&v=3&w=400&s=uaOPxzlGp26AhrEbmcZGod_-&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 331x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6239dd59d62a37e420287115098f6576
fc37ddf1a9e6739c21f8bb7f8ba2ca2432fe5a32
9e51f6f09ed65a28d13c9c48bc3f7018f16bd76ddd979c1f55c469f834c9a507
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flyle-scott%2F1300x1700%2Fylekn1455v_cgalaredmarl_vz824.jpg&v=3&w=400&s=uaOPxzlGp26AhrEbmcZGod_-&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30849785
expires: Mon, 13 Nov 2023 09:58:05 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6686
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2F8848-altitude%2F1300x1700%2F8ae2304_cfallenrock_v009.jpg&v=3&w=400&s=cg6ik1dy5ocQJI0fq66wBNz7&b=400
178.250.0.139200 OK 8.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2F8848-altitude%2F1300x1700%2F8ae2304_cfallenrock_v009.jpg&v=3&w=400&s=cg6ik1dy5ocQJI0fq66wBNz7&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 215x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b7dda551e4c70b44d2aeb3f4cc28a3ae
560b5e0a8988a3e10ed6e04b64486661261f4f20
8f3697a749a368d8fc72507ecc29ff00312367b9a2015395c9a4b6d012b75136
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2F8848-altitude%2F1300x1700%2F8ae2304_cfallenrock_v009.jpg&v=3&w=400&s=cg6ik1dy5ocQJI0fq66wBNz7&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31023533
expires: Wed, 15 Nov 2023 10:13:53 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7964
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fadidas-originals%2F1300x1700%2Fadihd2047_cvivredwhite.jpg&v=3&w=400&s=0R5JfT3N_O0F6j0c4a5WD27C&b=400
178.250.0.139200 OK 4.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fadidas-originals%2F1300x1700%2Fadihd2047_cvivredwhite.jpg&v=3&w=400&s=0R5JfT3N_O0F6j0c4a5WD27C&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 180x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b26ec161174be06a47bbf54f41b36fd
ddc5e380f78dbb4ef073e41d9a32769cf2905330
7c734f71b85bf70d89c2ab957d5e175ff6cbd3d528f599085d35ac2f71ee2ae3
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fadidas-originals%2F1300x1700%2Fadihd2047_cvivredwhite.jpg&v=3&w=400&s=0R5JfT3N_O0F6j0c4a5WD27C&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31264330
expires: Sat, 18 Nov 2023 05:07:11 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4686
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fselected-homme%2F1300x1700%2Fsel16053768_cblack_v179099.jpg&v=3&w=400&s=ron_lXEGc2MP8mbmq8BGQvVT&b=400
178.250.0.139200 OK 7.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fselected-homme%2F1300x1700%2Fsel16053768_cblack_v179099.jpg&v=3&w=400&s=ron_lXEGc2MP8mbmq8BGQvVT&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x241, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5f3d70ccdbb5c970b8c207bbff97d916
7cd2bf6378f32bf2fb4859632105c58d48cce2dc
51902510ceda682e284e45d13f651ef782ee9b11024edce8ae3d184dfae6a463
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fselected-homme%2F1300x1700%2Fsel16053768_cblack_v179099.jpg&v=3&w=400&s=ron_lXEGc2MP8mbmq8BGQvVT&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29760160
expires: Tue, 31 Oct 2023 19:17:40 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7690
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flindbergh%2F1300x1700%2Flin530705098t_cmidbrown.jpg&v=3&w=400&s=l46YaWkG4gA7WmjYM4Smm2Eg&b=400
178.250.0.139200 OK 4.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flindbergh%2F1300x1700%2Flin530705098t_cmidbrown.jpg&v=3&w=400&s=l46YaWkG4gA7WmjYM4Smm2Eg&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 341x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b944f08ae6feab3c66924485dfc89682
de9f4131f0884a326b89df54a37c2a7d219a4016
b4830ec7f133f87537d570616df4494466da2d5ce7295b03ac9dbe552c4eebff
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flindbergh%2F1300x1700%2Flin530705098t_cmidbrown.jpg&v=3&w=400&s=l46YaWkG4gA7WmjYM4Smm2Eg&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29278658
expires: Thu, 26 Oct 2023 05:32:38 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4930
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ffransa%2F1300x1700%2Ffra600238_casphaltmelange_v200123.jpg&v=3&w=400&s=nx6PCBBzN8kyBJlKmeM6ymkx&b=400
178.250.0.139200 OK 3.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ffransa%2F1300x1700%2Ffra600238_casphaltmelange_v200123.jpg&v=3&w=400&s=nx6PCBBzN8kyBJlKmeM6ymkx&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 155x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c52bd89b0eac5f3ef827bc754d540636
0bbd794455ca3638f9ba96afaa69f36a8295fe39
8e96178eef18a9c3d44282f48611757ba4be898ba264411632eb3a9633c49e55
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ffransa%2F1300x1700%2Ffra600238_casphaltmelange_v200123.jpg&v=3&w=400&s=nx6PCBBzN8kyBJlKmeM6ymkx&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31338319
expires: Sun, 19 Nov 2023 01:40:19 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3116
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fabercrombie-kids%2F1300x1700%2Fakski2441502_cbrown_v40.jpg&v=3&w=400&s=tZulqflKsFl1Nh2LcBKLNGWX&b=400
178.250.0.139200 OK 8.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fabercrombie-kids%2F1300x1700%2Fakski2441502_cbrown_v40.jpg&v=3&w=400&s=tZulqflKsFl1Nh2LcBKLNGWX&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 298x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8e7000e3f653200825c48b7c8d2c204e
90074b915935b9c9cdb0ada605f7c48ad4b57428
31272432db61244c7b6b85fcb60f0e2878391a2b7c55ac1318af64c6d96de308
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fabercrombie-kids%2F1300x1700%2Fakski2441502_cbrown_v40.jpg&v=3&w=400&s=tZulqflKsFl1Nh2LcBKLNGWX&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31105425
expires: Thu, 16 Nov 2023 08:58:45 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8806
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flyle-scott%2F1300x1700%2Fylejk1354v_cjetblackmidgreymarl_vw149.jpg&v=3&w=400&s=9bCyuBJWRKpsefUqq1Fo6oVO&b=400
178.250.0.139200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flyle-scott%2F1300x1700%2Fylejk1354v_cjetblackmidgreymarl_vw149.jpg&v=3&w=400&s=9bCyuBJWRKpsefUqq1Fo6oVO&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 321x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7e583ffaef8ee556cd15c034fa0e81c9
9d44fba62b8b9eeb4cf481f910198189f9ed67b7
8d0fbd57edd1ee68a2b4ba81fe611cb55bc223dc17fa882ab709692c1c4f3e6a
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flyle-scott%2F1300x1700%2Fylejk1354v_cjetblackmidgreymarl_vw149.jpg&v=3&w=400&s=9bCyuBJWRKpsefUqq1Fo6oVO&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31196207
expires: Fri, 17 Nov 2023 10:11:47 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12120
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1642296804_cdarkbrown.jpg&v=3&w=400&s=c-zuvOpqQefLGkIHralWsGPA&b=400
178.250.0.139200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1642296804_cdarkbrown.jpg&v=3&w=400&s=c-zuvOpqQefLGkIHralWsGPA&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x364, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e862c031475639aefb7830d71d6f2648
69fc727654c8dbe2de945307f1e062a2ab4b3d9b
e9eae91217e2a332d40ba194c41a12747e3766dcd40c22bd3e2ba6b2c1f3beac
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1642296804_cdarkbrown.jpg&v=3&w=400&s=c-zuvOpqQefLGkIHralWsGPA&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30405502
expires: Wed, 08 Nov 2023 06:33:22 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10774
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgestuz%2F1300x1700%2Fges10903048_cburro.jpg&v=3&w=400&s=6mq_6HEIF97Swo4LtnjAeru_&b=400
178.250.0.139200 OK 7.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgestuz%2F1300x1700%2Fges10903048_cburro.jpg&v=3&w=400&s=6mq_6HEIF97Swo4LtnjAeru_&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 211x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 47a148a57b152534d8a16651c97bfec0
38b48fc2526bfba16fb5aaf657ce44d3a2cc83c9
44bf8da36bfd1baada768437a5c08f59232759d49e3590cec8fe343de135aef6
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgestuz%2F1300x1700%2Fges10903048_cburro.jpg&v=3&w=400&s=6mq_6HEIF97Swo4LtnjAeru_&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30176546
expires: Sun, 05 Nov 2023 14:57:26 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7392
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ffilippa-k%2F1300x1700%2Ffk26442_cblack_v1433.jpg&v=3&w=400&s=mv1GXNIifPeLMeupzn3VK8GT&b=400
178.250.0.139200 OK 3.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ffilippa-k%2F1300x1700%2Ffk26442_cblack_v1433.jpg&v=3&w=400&s=mv1GXNIifPeLMeupzn3VK8GT&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 193x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2c315dd189eede70cec218692117e1b3
1fec77c30c0f12a1747dc1c3fc00b6fa0d7bdff9
f17a5d2cc39e5bf2ca9e115f7e2ab11a0d08dcdab4523c15f69df99f3d428d4d
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ffilippa-k%2F1300x1700%2Ffk26442_cblack_v1433.jpg&v=3&w=400&s=mv1GXNIifPeLMeupzn3VK8GT&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30114006
expires: Sat, 04 Nov 2023 21:35:06 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3002
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fpart-two%2F1300x1700%2Fptw30305663_cmoonlitocean_v194122.jpg&v=3&w=400&s=Rcs5Og49_ir0dh21pW2JEnjy&b=400
178.250.0.139200 OK 9.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fpart-two%2F1300x1700%2Fptw30305663_cmoonlitocean_v194122.jpg&v=3&w=400&s=Rcs5Og49_ir0dh21pW2JEnjy&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 252x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f83230d6ca9c3c80990edb698e0f7bf8
aafc95cd9f6649aa081d2aa9398000b0ccae93c4
1dccecbd37f6e7aeac97aec6c4c5cc3cad772e8cb803f8251e21458be0f5a66c
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fpart-two%2F1300x1700%2Fptw30305663_cmoonlitocean_v194122.jpg&v=3&w=400&s=Rcs5Og49_ir0dh21pW2JEnjy&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=28941240
expires: Sun, 22 Oct 2023 07:49:00 GMT
date: Mon, 21 Nov 2022 08:34:59 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9612
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s.update.3lift.com/2/2.82.0/596918/1.gif
18.203.213.28200 OK 49 B URL HTTP/1.1 s.update.3lift.com/2/2.82.0/596918/1.gif
IP 18.203.213.28:0
File type GIF image data, version 89a, 2 x 1\012- data
Hash 703fe6e5eb1f8fb75c83ebb5ddf00873
4baf8feae7e0bb6e1b88829d41c5c3ed0fcfa31e
d8eb0eea39a37b88dc5af05c475212e7a86814b77e9f9814e88ab458e3b7111a
GET /2/2.82.0/596918/1.gif HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:59 GMT
Content-Type: image/gif
Content-Length: 49
Timing-Allow-Origin: *
Vary: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Pragma: no-cache
Expires: 0
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700194&oz_l=101&cv=3
18.203.213.28200 OK 0 B URL HTTP/1.1 s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700194&oz_l=101&cv=3
IP 18.203.213.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700194&oz_l=101&cv=3 HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 105
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:59 GMT
Content-Length: 0
Timing-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Origin: *
eb2.3lift.com/ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&pr=0.008&bc=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669019697&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=86966
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&pr=0.008&bc=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669019697&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=86966
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=9480596171993319908480&rev=6be1393&pr=0.008&bc=AAABhJlTguD_iS1t71HxjH2faOCt5iOq7rUwNQ%3D%3D&bmid=2711&biid=7295&sid=67911&brid=476330&adid=11235855&crid=86007171&ts=1669019697&bcud=10&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=86966 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:35:00 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
mcdp-nydc1.outbrain.com/l?token=149bdbe60ae1ad2eee0a3e9536b84d59_178258_1669019699561&tm=820&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2000952&pVis=1&lsd=778f6138-fbe3-40b4-bae0-c55bd14a6859&eIdx=&cnsntV2=CPi0DH4Pi0DH4BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=473&oo=false&ab=0&wl=0
70.42.32.223200 OK 28 B URL HTTP/1.1 mcdp-nydc1.outbrain.com/l?token=149bdbe60ae1ad2eee0a3e9536b84d59_178258_1669019699561&tm=820&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2000952&pVis=1&lsd=778f6138-fbe3-40b4-bae0-c55bd14a6859&eIdx=&cnsntV2=CPi0DH4Pi0DH4BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=473&oo=false&ab=0&wl=0
IP 70.42.32.223:0
File type ASCII text, with no line terminators
Hash 377f144d3bb0cf9cf32318e02c9a0a27
cca7d87df98ec713fcb21cdaf937116d3cc00b1f
e11e6d8b2de0c0b8de968c82c7d56316e4ea02e1e8ad112e2a53e078b4f36e01
GET /l?token=149bdbe60ae1ad2eee0a3e9536b84d59_178258_1669019699561&tm=820&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2000952&pVis=1&lsd=778f6138-fbe3-40b4-bae0-c55bd14a6859&eIdx=&cnsntV2=CPi0DH4Pi0DH4BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=473&oo=false&ab=0&wl=0 HTTP/1.1
Host: mcdp-nydc1.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:35:00 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
X-TraceId: 52188d636afac47b52bef3ef1bcb8b40
access-control-allow-origin: *
access-control-expose-headers: content-range
content-encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ad4f67e356ad80bd634ce90491909b
2c2ed81085c1a0a5fbbd1dc9690dec0ea3945fd4
897810f7920c6054216ada92d91be3396e64a3820f539079afb7e5743592ef62
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5015
Cache-Control: max-age=157026
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 08:35:00 GMT
Etag: "637ae6ff-1d7"
Expires: Wed, 23 Nov 2022 04:12:06 GMT
Last-Modified: Mon, 21 Nov 2022 02:48:31 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700369&oz_l=576&cv=3
18.203.213.28200 OK 0 B URL HTTP/1.1 s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700369&oz_l=576&cv=3
IP 18.203.213.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700369&oz_l=576&cv=3 HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 580
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:59 GMT
Content-Length: 0
Timing-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Origin: *
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=149bdbe60ae1ad2eee0a3e9536b84d59&pvId=149bdbe60ae1ad2eee0a3e9536b84d59&sid=9270331&pid=178258&idx=0&wId=101&pad=2&org=0&tm=877&eT=3&cnsnt=CPi0DH4Pi0DH4BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2000952&pVis=1&lsd=778f6138-fbe3-40b4-bae0-c55bd14a6859&eIdx=0&oo=false&ab=0&wl=0
70.42.32.223200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=149bdbe60ae1ad2eee0a3e9536b84d59&pvId=149bdbe60ae1ad2eee0a3e9536b84d59&sid=9270331&pid=178258&idx=0&wId=101&pad=2&org=0&tm=877&eT=3&cnsnt=CPi0DH4Pi0DH4BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2000952&pVis=1&lsd=778f6138-fbe3-40b4-bae0-c55bd14a6859&eIdx=0&oo=false&ab=0&wl=0
IP 70.42.32.223:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/widgetGlobalEvent?rId=149bdbe60ae1ad2eee0a3e9536b84d59&pvId=149bdbe60ae1ad2eee0a3e9536b84d59&sid=9270331&pid=178258&idx=0&wId=101&pad=2&org=0&tm=877&eT=3&cnsnt=CPi0DH4Pi0DH4BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2000952&pVis=1&lsd=778f6138-fbe3-40b4-bae0-c55bd14a6859&eIdx=0&oo=false&ab=0&wl=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:35:00 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: b4b953d798a48a14e8090aff57e9f3da
s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700521&oz_l=1061&cv=3
18.203.213.28200 OK 0 B URL HTTP/1.1 s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700521&oz_l=1061&cv=3
IP 18.203.213.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700521&oz_l=1061&cv=3 HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1065
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:34:59 GMT
Content-Length: 0
Timing-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Origin: *
csm.eu.criteo.net/all?cppv=3&cpp=thBdGB7jCZs5r2TrCIcObT0dy3sGs_VQeV7JBRun6SGvhWdnbr5O22-AD88G106OigUQdjUaWwPqcWR1YjLRH2oowXvsDTu3zNxzeRaGtWUy4rtQj0HiraeNzTMyrPzYONnLIdEEGgD_38jAyXEcp4KP5MOosz63tfqTDuY9qEXKocDdC7PAeQGi-BhDaKWEVrhywkb95pnw84Aqx6pv1nUjul21WTTwplAE-TZw3WTyS41tLYUYmrPeIL484IH7j9vW2gcjxYMt9C8o&sds=2&rev=83599&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=thBdGB7jCZs5r2TrCIcObT0dy3sGs_VQeV7JBRun6SGvhWdnbr5O22-AD88G106OigUQdjUaWwPqcWR1YjLRH2oowXvsDTu3zNxzeRaGtWUy4rtQj0HiraeNzTMyrPzYONnLIdEEGgD_38jAyXEcp4KP5MOosz63tfqTDuY9qEXKocDdC7PAeQGi-BhDaKWEVrhywkb95pnw84Aqx6pv1nUjul21WTTwplAE-TZw3WTyS41tLYUYmrPeIL484IH7j9vW2gcjxYMt9C8o&sds=2&rev=83599&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=thBdGB7jCZs5r2TrCIcObT0dy3sGs_VQeV7JBRun6SGvhWdnbr5O22-AD88G106OigUQdjUaWwPqcWR1YjLRH2oowXvsDTu3zNxzeRaGtWUy4rtQj0HiraeNzTMyrPzYONnLIdEEGgD_38jAyXEcp4KP5MOosz63tfqTDuY9qEXKocDdC7PAeQGi-BhDaKWEVrhywkb95pnw84Aqx6pv1nUjul21WTTwplAE-TZw3WTyS41tLYUYmrPeIL484IH7j9vW2gcjxYMt9C8o&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:35:00 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700703&oz_l=64&cv=3
18.203.213.28200 OK 0 B URL HTTP/1.1 s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700703&oz_l=64&cv=3
IP 18.203.213.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700703&oz_l=64&cv=3 HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 68
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:35:00 GMT
Content-Length: 0
Timing-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Origin: *
s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700881&oz_l=427&cv=3
18.203.213.28200 OK 0 B URL HTTP/1.1 s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700881&oz_l=427&cv=3
IP 18.203.213.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019700881&oz_l=427&cv=3 HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 431
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:35:00 GMT
Content-Length: 0
Timing-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1efbc1792d49725863ed03bbbda2df2d
bc9dee4b03162fcb6d7ac73d3dce701397d3f9a8
ed0ee357284f4705872139724fdacd81d2b5cb368b7d848bbbdd326e72cdea5d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED0EE357284F4705872139724FDACD81D2B5CB368B7D848BBBDD326E72CDEA5D"
Last-Modified: Sun, 20 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15378
Expires: Mon, 21 Nov 2022 12:51:18 GMT
Date: Mon, 21 Nov 2022 08:35:00 GMT
Connection: keep-alive
s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019701047&oz_l=7327&cv=3
18.203.213.28200 OK 0 B URL HTTP/1.1 s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019701047&oz_l=7327&cv=3
IP 18.203.213.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019701047&oz_l=7327&cv=3 HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 7331
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:35:00 GMT
Content-Length: 0
Timing-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Origin: *
9781dc9098.7a57cafe3d.com/health/
159.69.163.6200 OK 0 B URL HTTP/2 9781dc9098.7a57cafe3d.com/health/
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /health/ HTTP/1.1
Host: 9781dc9098.7a57cafe3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 21 Nov 2022 08:35:01 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
9781dc9098.7a57cafe3d.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImQiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkRyYW1hY29vbCUyQ0FzaWFuJTJDRHJhbWElMkNNb3ZpZXMlMkNhbmQlMkNLU2hvdyUyQ0VuZ2xpc2glMkNTdWIlMkNpbiUyQ0hEJTJDKDIwMjIpJTJDV2F0Y2glMkNhbmQlMkNkb3dubG9hZCUyQ0tvcmVhbiUyQ2RyYW1hJTJDbW92aWVzJTJDS3Nob3clMkNhbmQlMkNvdGhlciUyQ0FzaWFuJTJDZHJhbWFzJTJDd2l0aCUyQ2VuZ2xpc2glMkNzdWJ0aXRsZXMlMkNvbmxpbmUlMkNmcmVlJTJDRHJhbWFjb29sJTJDZm9yJTJDZXZlcnlvbmUhJTIwIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTUyNDQ4NDQ5IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzMxOTIsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozOTcyLCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMzMxOTIiLCJjYXQiOlsiSUFCMSJdLCJwYWdlIjoiaHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY2OTAxOTcwMTE1N319
159.69.163.6302 Found 0 B URL HTTP/2 9781dc9098.7a57cafe3d.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImQiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkRyYW1hY29vbCUyQ0FzaWFuJTJDRHJhbWElMkNNb3ZpZXMlMkNhbmQlMkNLU2hvdyUyQ0VuZ2xpc2glMkNTdWIlMkNpbiUyQ0hEJTJDKDIwMjIpJTJDV2F0Y2glMkNhbmQlMkNkb3dubG9hZCUyQ0tvcmVhbiUyQ2RyYW1hJTJDbW92aWVzJTJDS3Nob3clMkNhbmQlMkNvdGhlciUyQ0FzaWFuJTJDZHJhbWFzJTJDd2l0aCUyQ2VuZ2xpc2glMkNzdWJ0aXRsZXMlMkNvbmxpbmUlMkNmcmVlJTJDRHJhbWFjb29sJTJDZm9yJTJDZXZlcnlvbmUhJTIwIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTUyNDQ4NDQ5IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzMxOTIsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozOTcyLCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMzMxOTIiLCJjYXQiOlsiSUFCMSJdLCJwYWdlIjoiaHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY2OTAxOTcwMTE1N319
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImQiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkRyYW1hY29vbCUyQ0FzaWFuJTJDRHJhbWElMkNNb3ZpZXMlMkNhbmQlMkNLU2hvdyUyQ0VuZ2xpc2glMkNTdWIlMkNpbiUyQ0hEJTJDKDIwMjIpJTJDV2F0Y2glMkNhbmQlMkNkb3dubG9hZCUyQ0tvcmVhbiUyQ2RyYW1hJTJDbW92aWVzJTJDS3Nob3clMkNhbmQlMkNvdGhlciUyQ0FzaWFuJTJDZHJhbWFzJTJDd2l0aCUyQ2VuZ2xpc2glMkNzdWJ0aXRsZXMlMkNvbmxpbmUlMkNmcmVlJTJDRHJhbWFjb29sJTJDZm9yJTJDZXZlcnlvbmUhJTIwIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTUyNDQ4NDQ5IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzMxOTIsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozOTcyLCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMzMxOTIiLCJjYXQiOlsiSUFCMSJdLCJwYWdlIjoiaHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY2OTAxOTcwMTE1N319 HTTP/1.1
Host: 9781dc9098.7a57cafe3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Mon, 21 Nov 2022 08:35:01 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=4966286363367356375&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-7&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=100&ml=&tag_ab=d&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDramacool%252CAsian%252CDrama%252CMovies%252Cand%252CKShow%252CEnglish%252CSub%252Cin%252CHD%252C%282022%29%252CWatch%252Cand%252Cdownload%252CKorean%252Cdrama%252Cmovies%252CKshow%252Cand%252Cother%252CAsian%252Cdramas%252Cwith%252Cenglish%252Csubtitles%252Conline%252Cfree%252CDramacool%252Cfor%252Ceveryone%21%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D100%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&stratagem=&ssp=3972
X-Firefox-Spdy: h2
s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019701200&oz_l=137&cv=3
18.203.213.28200 OK 0 B URL HTTP/1.1 s.update.3lift.com/2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019701200&oz_l=137&cv=3
IP 18.203.213.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2/2.82.0/596918/AaX0yBUMEAQw6D8v/postback?md=1&c1=2711&ti=9480596171993319908480&cb=1669019697&dt=5969181520951367361000&pv=9d27a6e7-7985-4bc6-ac4f-be2a32918b1f&pc=286958&di=dramacool9.co&dm=160x600&c2=67911&to=3&pp=11793&ci=596918&sr=12>=3144096&ai=476330&si=8936902&sid=AaX0yBUMEAQw6D8v&oz_sc=a39eb670640f612e51409a30&oz_df=1669019701200&oz_l=137&cv=3 HTTP/1.1
Host: s.update.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 141
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:35:00 GMT
Content-Length: 0
Timing-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71923a4a6b715ab23135a656745ad499
ecaac912b1868f4226422b41bee2fd04337b619c
29c5c1933d20ba1c8a73816f9767d66459eb35e3d32d865aecbdd92c67076479
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "29C5C1933D20BA1C8A73816F9767D66459EB35E3D32D865AECBDD92C67076479"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6677
Expires: Mon, 21 Nov 2022 10:26:18 GMT
Date: Mon, 21 Nov 2022 08:35:01 GMT
Connection: keep-alive
eb2.3lift.com/sync?
13.248.245.213200 OK 37 B IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync? HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:35:01 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
23.38.200.189200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 23.38.200.189:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 22 Nov 2022 08:35:03 GMT
Date: Mon, 21 Nov 2022 08:35:01 GMT
Connection: keep-alive
Vary: Accept-Encoding
b1h-euc1.zemanta.com/usersync/prebid
213.227.153.221200 OK 26 B URL HTTP/1.1 b1h-euc1.zemanta.com/usersync/prebid
IP 213.227.153.221:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /usersync/prebid HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 26
Connection: keep-alive
Date: Mon, 21 Nov 2022 08:35:01 GMT
acdn.adnxs.com/dmp/async_usersync.html
23.38.200.189200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 23.38.200.189:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 22 Nov 2022 08:35:03 GMT
Date: Mon, 21 Nov 2022 08:35:01 GMT
Connection: keep-alive
Vary: Accept-Encoding
rtbrennab.com/banner/in/show/?mid=4966286363367356375&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-7&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=100&ml=&tag_ab=d&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDramacool%252CAsian%252CDrama%252CMovies%252Cand%252CKShow%252CEnglish%252CSub%252Cin%252CHD%252C%282022%29%252CWatch%252Cand%252Cdownload%252CKorean%252Cdrama%252Cmovies%252CKshow%252Cand%252Cother%252CAsian%252Cdramas%252Cwith%252Cenglish%252Csubtitles%252Conline%252Cfree%252CDramacool%252Cfor%252Ceveryone%21%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D100%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&stratagem=&ssp=3972
116.202.60.158302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=4966286363367356375&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-7&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=100&ml=&tag_ab=d&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDramacool%252CAsian%252CDrama%252CMovies%252Cand%252CKShow%252CEnglish%252CSub%252Cin%252CHD%252C%282022%29%252CWatch%252Cand%252Cdownload%252CKorean%252Cdrama%252Cmovies%252CKshow%252Cand%252Cother%252CAsian%252Cdramas%252Cwith%252Cenglish%252Csubtitles%252Conline%252Cfree%252CDramacool%252Cfor%252Ceveryone%21%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D100%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&stratagem=&ssp=3972
IP 116.202.60.158:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=4966286363367356375&pid=0&site=33192&sc=NO&usage_type=DCH&subid=152448449&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=www.dramacool9.co&hostname=auc-banner-hz-7&site_id=0&spot_id=33192&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=100&ml=&tag_ab=d&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D33192%26source%3D152448449%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D33192%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDramacool%252CAsian%252CDrama%252CMovies%252Cand%252CKShow%252CEnglish%252CSub%252Cin%252CHD%252C%282022%29%252CWatch%252Cand%252Cdownload%252CKorean%252Cdrama%252Cmovies%252CKshow%252Cand%252Cother%252CAsian%252Cdramas%252Cwith%252Cenglish%252Csubtitles%252Conline%252Cfree%252CDramacool%252Cfor%252Ceveryone%21%2520%26spot_id%3D33192%26p%3Dhttps%253A%252F%252Fwww.dramacool9.co%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D100%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&stratagem=&ssp=3972 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.18.0
date: Mon, 21 Nov 2022 08:35:01 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=100&bf=0.0001
X-Firefox-Spdy: h2
eb2.3lift.com/sync?
13.248.245.213200 OK 37 B IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync? HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:35:01 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.85307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:35:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 46ecab3a-2e72-4a43-8c36-db3a7091b3fd
Set-Cookie: uuid2=797065506500996643; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 19-Feb-2023 08:35:01 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.85200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:35:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 84acf181-246a-4b42-a7a5-06d01b6ddeff
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ad57bb49fd0a0c51f775f8333c8f95eb
d03e1d15330f9766d1cc213e094bc435d820ce19
634779e6e6297d3e57bd60235f64d0b6aed60a39c81fd152cd3b69cf6225edd7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "634779E6E6297D3E57BD60235F64D0B6AED60A39C81FD152CD3B69CF6225EDD7"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8350
Expires: Mon, 21 Nov 2022 10:54:11 GMT
Date: Mon, 21 Nov 2022 08:35:01 GMT
Connection: keep-alive
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.85307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:35:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 3c93a4b0-eda3-409d-b85c-ac1214075861
Set-Cookie: uuid2=7307749492378856643; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 19-Feb-2023 08:35:01 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
btds.zog.link/in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=100&bf=0.0001
109.206.181.2302 Found 0 B URL HTTP/2 btds.zog.link/in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=100&bf=0.0001
IP 109.206.181.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/912/?sid=33192&source=152448449&idzone=0&w=1&h=1&mo=&ve=&site_id=33192&utm1=&utm2=&utm3=&utm4=&ad_tags=Dramacool%2CAsian%2CDrama%2CMovies%2Cand%2CKShow%2CEnglish%2CSub%2Cin%2CHD%2C(2022)%2CWatch%2Cand%2Cdownload%2CKorean%2Cdrama%2Cmovies%2CKshow%2Cand%2Cother%2CAsian%2Cdramas%2Cwith%2Cenglish%2Csubtitles%2Conline%2Cfree%2CDramacool%2Cfor%2Ceveryone!%20&spot_id=33192&p=https%3A%2F%2Fwww.dramacool9.co%2F&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=100&bf=0.0001 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Mon, 21 Nov 2022 08:35:01 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://cdn.1vag.com/1x1.png
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 912.0=1; expires=Tue, 22 Nov 2022 08:35:01 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.85200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:35:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: e4bea352-35b1-42b1-9545-cdfa3bfaf891
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
csm.eu.criteo.net/all?cppv=3&cpp=thBdGB7jCZs5r2TrCIcObT0dy3sGs_VQeV7JBRun6SGvhWdnbr5O22-AD88G106OigUQdjUaWwPqcWR1YjLRH2oowXvsDTu3zNxzeRaGtWUy4rtQj0HiraeNzTMyrPzYONnLIdEEGgD_38jAyXEcp4KP5MOosz63tfqTDuY9qEXKocDdC7PAeQGi-BhDaKWEVrhywkb95pnw84Aqx6pv1nUjul21WTTwplAE-TZw3WTyS41tLYUYmrPeIL484IH7j9vW2gcjxYMt9C8o&sds=2&rev=83599&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=thBdGB7jCZs5r2TrCIcObT0dy3sGs_VQeV7JBRun6SGvhWdnbr5O22-AD88G106OigUQdjUaWwPqcWR1YjLRH2oowXvsDTu3zNxzeRaGtWUy4rtQj0HiraeNzTMyrPzYONnLIdEEGgD_38jAyXEcp4KP5MOosz63tfqTDuY9qEXKocDdC7PAeQGi-BhDaKWEVrhywkb95pnw84Aqx6pv1nUjul21WTTwplAE-TZw3WTyS41tLYUYmrPeIL484IH7j9vW2gcjxYMt9C8o&sds=2&rev=83599&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=thBdGB7jCZs5r2TrCIcObT0dy3sGs_VQeV7JBRun6SGvhWdnbr5O22-AD88G106OigUQdjUaWwPqcWR1YjLRH2oowXvsDTu3zNxzeRaGtWUy4rtQj0HiraeNzTMyrPzYONnLIdEEGgD_38jAyXEcp4KP5MOosz63tfqTDuY9qEXKocDdC7PAeQGi-BhDaKWEVrhywkb95pnw84Aqx6pv1nUjul21WTTwplAE-TZw3WTyS41tLYUYmrPeIL484IH7j9vW2gcjxYMt9C8o&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:35:00 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6933f572b3f58d47021a9e378ceffc5e
c3a0de056265f5f63da14bb55ec9378dda3ef5f3
97e9993ebf223fdd3df98b4b1e319be0bc407d7ad487fada45df5d6910eca0db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97E9993EBF223FDD3DF98B4B1E319BE0BC407D7AD487FADA45DF5D6910ECA0DB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4303
Expires: Mon, 21 Nov 2022 09:46:44 GMT
Date: Mon, 21 Nov 2022 08:35:01 GMT
Connection: keep-alive
cdn.1vag.com/1x1.png
45.133.44.25200 OK 68 B IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /1x1.png HTTP/1.1
Host: cdn.1vag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:35:01 GMT
content-type: image/png
content-length: 68
server: nginx/1.20.1
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
etag: "5e970c67-44"
cache-control: max-age=3600
x-request-id: 28eea0836f6cd5562d41ccabe8fa4a5b
expires: Mon, 21 Nov 2022 09:35:01 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.85307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:35:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 095e604a-4378-4a48-92b8-977160fee179
Set-Cookie: uuid2=1617308060709459423; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 19-Feb-2023 08:35:01 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.85200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:35:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 0ee9b9e1-502a-4412-9d35-6189c5edb95d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.85307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:35:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 28166ed8-db1e-4a0b-8104-6dcc34dd2892
Set-Cookie: uuid2=4844983844292827826; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 19-Feb-2023 08:35:02 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.85307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:35:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: cb295d8b-8fda-4980-8a6e-9412140f6d92
Set-Cookie: uuid2=8706686334605875577; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 19-Feb-2023 08:35:02 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.85200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:35:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: be3923dd-55d8-4e4d-84fc-a45b60ecabf8
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.85200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:35:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: e5d53b51-35c4-48cc-a904-0f78565f975f
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
log.outbrainimg.com/api/loggerBatch/log-viewability
70.42.32.223200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/api/loggerBatch/log-viewability
IP 70.42.32.223:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
POST /api/loggerBatch/log-viewability HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 351
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 08:35:02 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: b530e8c0af588eec271499082739addd
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.85307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:35:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 04a8976b-fb1b-4d56-8e23-afb8bb8420bb
Set-Cookie: uuid2=5144682283061183452; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 19-Feb-2023 08:35:02 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.85200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 21 Nov 2022 08:35:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 9bf8ec1a-cf90-40f9-a1d7-d3f92c498aa3
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
mp.4dex.io/prebid
104.18.2.114200 OK 0 B IP 104.18.2.114:0
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1726
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.dramacool9.co
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76d816d6089f0b41-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
c.statcounter.com/t.php?sc_project=11857087&u1=53992E810DC74FA5590A4598C8EFAF58&java=1&security=513b4a2c&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.dramacool9.co/&t=Dramacool%3A%20Asian%20Drama%2C%20Movies%20and%20KShow%20English%20Sub%20in%20HD%20(2022)&invisible=1&sc_rum_e_s=3145&sc_rum_e_e=3149&sc_rum_f_s=0&sc_rum_f_e=3104&get_config=true
104.20.228.67200 OK 0 B URL HTTP/2 c.statcounter.com/t.php?sc_project=11857087&u1=53992E810DC74FA5590A4598C8EFAF58&java=1&security=513b4a2c&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.dramacool9.co/&t=Dramacool%3A%20Asian%20Drama%2C%20Movies%20and%20KShow%20English%20Sub%20in%20HD%20(2022)&invisible=1&sc_rum_e_s=3145&sc_rum_e_e=3149&sc_rum_f_s=0&sc_rum_f_e=3104&get_config=true
IP 104.20.228.67:0
GET /t.php?sc_project=11857087&u1=53992E810DC74FA5590A4598C8EFAF58&java=1&security=513b4a2c&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//www.dramacool9.co/&t=Dramacool%3A%20Asian%20Drama%2C%20Movies%20and%20KShow%20English%20Sub%20in%20HD%20(2022)&invisible=1&sc_rum_e_s=3145&sc_rum_e_e=3149&sc_rum_f_s=0&sc_rum_f_e=3104&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:58 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc11857087.1669019697.0; SameSite=None; Secure; Expires=Saturday, 20-Nov-2027 16:34:57 CST; Path=/; Domain=.statcounter.com
is_visitor_unique=1669019697366923266; SameSite=None; Secure; Expires=Wednesday, 20-Nov-2024 16:34:57 CST; Path=/; Domain=.statcounter.com
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76d816d79995b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=m1KldFPwIPgxZ9g1CiVJ-eHJ0KU4y1cc439iX3PHHaP8mqVGu1yAqEW0epTKubW6x6Q1TIqgfGIvySuS1waxdF1m4EQNt5ACHnouPEXnCNNxWHHAs7380dEdKjIoT1NXVtk2Lilxipo7IcJqGQBwhdhjJIyKfE0hPWq4TDOZzbT5GmTf8u2AWnfbuzFyTRzFrLQ-BCG6ZEzw2fWy1mJD3fRJPSK-nH1WQznfkUQrUf0lrIF4fm1Qkq8m1OiPwCaE7NFUPhx0c1vRhYTOXhITYALOUCa89hwujqD-ZDbp-MeTo_2lYBkwhpxciMdPHBQn3NZsZsO6h5oA6TVMnWzXl6aX97gNtDw04ecjbuonXj0S_ZwklRDH9_E6m9Lr6AeuLbVp_EDiCwH7NuqkHxQsBNuxNg3D0T_mvZROmzf4IHzat6WwNm72nJlOiGiYchwyw5-YQg
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=m1KldFPwIPgxZ9g1CiVJ-eHJ0KU4y1cc439iX3PHHaP8mqVGu1yAqEW0epTKubW6x6Q1TIqgfGIvySuS1waxdF1m4EQNt5ACHnouPEXnCNNxWHHAs7380dEdKjIoT1NXVtk2Lilxipo7IcJqGQBwhdhjJIyKfE0hPWq4TDOZzbT5GmTf8u2AWnfbuzFyTRzFrLQ-BCG6ZEzw2fWy1mJD3fRJPSK-nH1WQznfkUQrUf0lrIF4fm1Qkq8m1OiPwCaE7NFUPhx0c1vRhYTOXhITYALOUCa89hwujqD-ZDbp-MeTo_2lYBkwhpxciMdPHBQn3NZsZsO6h5oA6TVMnWzXl6aX97gNtDw04ecjbuonXj0S_ZwklRDH9_E6m9Lr6AeuLbVp_EDiCwH7NuqkHxQsBNuxNg3D0T_mvZROmzf4IHzat6WwNm72nJlOiGiYchwyw5-YQg
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=m1KldFPwIPgxZ9g1CiVJ-eHJ0KU4y1cc439iX3PHHaP8mqVGu1yAqEW0epTKubW6x6Q1TIqgfGIvySuS1waxdF1m4EQNt5ACHnouPEXnCNNxWHHAs7380dEdKjIoT1NXVtk2Lilxipo7IcJqGQBwhdhjJIyKfE0hPWq4TDOZzbT5GmTf8u2AWnfbuzFyTRzFrLQ-BCG6ZEzw2fWy1mJD3fRJPSK-nH1WQznfkUQrUf0lrIF4fm1Qkq8m1OiPwCaE7NFUPhx0c1vRhYTOXhITYALOUCa89hwujqD-ZDbp-MeTo_2lYBkwhpxciMdPHBQn3NZsZsO6h5oA6TVMnWzXl6aX97gNtDw04ecjbuonXj0S_ZwklRDH9_E6m9Lr6AeuLbVp_EDiCwH7NuqkHxQsBNuxNg3D0T_mvZROmzf4IHzat6WwNm72nJlOiGiYchwyw5-YQg HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3180750
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=2e567e935d0840a1a3143e1db1b91859&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=d2e26db6-2785-4b6b-9c06-ba695637d995&ts=1669019696351
52.204.242.76200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=2e567e935d0840a1a3143e1db1b91859&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=d2e26db6-2785-4b6b-9c06-ba695637d995&ts=1669019696351
IP 52.204.242.76:0
GET /x/b/?idx=0&pid=2e567e935d0840a1a3143e1db1b91859&sizes=[[300,250],[200,200],[250,250],[300,100]]&slotid=d2e26db6-2785-4b6b-9c06-ba695637d995&ts=1669019696351 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.2.12
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8=
Authorization: Bearer b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: db00a005-56f3-451e-b5be-4fb5be6e04ec
etag: W/"d36-RAvMZmeO5OhoIAtusZq63hbhG4E"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/27/baf66709eec2c7c7c82fd8256942b812
139.45.197.239200 OK 0 B URL HTTP/2 cdn.uponelectabuzzor.club/27/baf66709eec2c7c7c82fd8256942b812
IP 139.45.197.239:0
GET /27/baf66709eec2c7c7c82fd8256942b812 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Cookie: scm=1; OAID=7d113af33fa043e8962bd03ee94b0cde; oaidts=1669019697
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 18 Nov 2022 05:30:07 GMT
expires: Fri, 18 Dec 2082 05:30:07 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
f.h12-media.com/?init=1&rnd=0.1533127272406256
172.64.160.23200 OK 0 B URL HTTP/2 f.h12-media.com/?init=1&rnd=0.1533127272406256
IP 172.64.160.23:0
GET /?init=1&rnd=0.1533127272406256 HTTP/1.1
Host: f.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/json; Charset=UTF-8
cache-control: max-age=3600,private
vary: Accept-Encoding
access-control-allow-origin: *
x-powered-by: ASP.NET, ARR/3.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IaAXXoWhQDo7nkz20yK4KcoWOq9Zjxt1erN6mbGfWJw4zJjXQajC1GCtfMa6rMB%2FSf2LlVnHwlAYqYjrN%2FIFjliwDypyi63LuHzheaVRzB%2FEZrv45sgUbmMJeZhTomUyB8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d816d39890e684-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.2.130:0
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Thu, 16 Nov 2023 08:34:59 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.2.130:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Thu, 16 Nov 2023 08:34:59 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.2.130:0
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Thu, 16 Nov 2023 08:34:59 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dramacool9.co/
172.67.190.162301 Moved Permanently 0 B IP 172.67.190.162:0
GET / HTTP/1.1
Host: dramacool9.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Mon, 21 Nov 2022 08:34:55 GMT
content-type: text/html
location: http://www.dramacool9.co/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vn4vaRlkDMQZ4y0SJLBweXlzVdXJgkuEUyszcAGX8gLGJ5NSKpxUs%2FgYpl%2FOgr1Li6O1fdFEW7X%2FM5u4qZnxCoo3%2FioAX3PwHghzKs3ZpkVITDSbNLBVkg20saGQtM8e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d816c62dccb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
demand.bidgear.com/tag?z=1366&k=63033dbf298c0
104.26.3.107200 OK 0 B URL HTTP/2 demand.bidgear.com/tag?z=1366&k=63033dbf298c0
IP 104.26.3.107:0
GET /tag?z=1366&k=63033dbf298c0 HTTP/1.1
Host: demand.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _dsp_8_bg=U1c6c965d42194c85be2b7aadda0a3c53; Domain=bidgear.com; Expires=Tue, 21 Nov 2023 08:34:55 GMT; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6GPuVl1C%2Bx1GVQmxDpTb5F6nUHQvyu1Yi%2FZLkgbbIGC9H2our%2BGLu75rDl3HKQ1%2FcXVJuc4MMo%2BhtPz80E7MNprLghGx0nnmdk88JRio36%2BxeWT%2FwGBHdKsR7IojMGxfjhmvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d816cb5a37b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
172.67.75.241200 OK 0 B IP 172.67.75.241:0
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:57 GMT
content-type: application/javascript
access-control-allow-headers: Authorization
access-control-max-age: 3000
x-amz-id-2: tx78dfa5b3d7f6402288d27-006352b9ec
access-control-allow-credentials: true
x-amz-request-id: tx78dfa5b3d7f6402288d27-006352b9ec
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
etag: W/"c56b6332dacf72f135afcd153ae22448"
cache-control: public, max-age=1800
x-amz-version-id: 1666365881812584
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: HIT
age: 2269615
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDeTP3Is50tIrP8YyKd1a8rYHr5JGZ6kqNyCxCHV8pQNXi79ORGQBaOga5MvhdczQF1pHyvFPWAhfrREsLlifDubwVPXCdnvTFVQ%2BZHmzVr9NmD12eFihqj8hkrHCLX7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d816d60d130b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.wpadmngr.com/static/adManager.m.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpadmngr.com/static/adManager.m.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:55 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 15 Nov 2022 13:38:16 GMT
etag: W/"63739648-17810"
content-encoding: gzip
expires: Mon, 21 Nov 2022 08:39:55 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
source.bidgear.com/3199/2022-07-21/xxxBG61cbc826ab4d6.gif
104.26.3.107200 OK 0 B URL HTTP/2 source.bidgear.com/3199/2022-07-21/xxxBG61cbc826ab4d6.gif
IP 104.26.3.107:0
GET /3199/2022-07-21/xxxBG61cbc826ab4d6.gif HTTP/1.1
Host: source.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: image/gif
last-modified: Thu, 21 Jul 2022 04:25:34 GMT
vary: Accept-Encoding
etag: W/"62d8d53e-44abc"
cf-cache-status: HIT
age: 5132
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bkcCiQtR3KD84%2FbBqFgicjIYEDVA54rhv9JZjFLgc1jZ%2BqQ0IElrcQAg4SLuEzrEQ1Pn6el1Ge8J2l1zPVCg59nurW09D30Hlnzd2Jvf2UgP3jSfb4qgb%2BPnai2e%2FOxPhGXrGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d816cc8c0cb51d-OSL
X-Firefox-Spdy: h2
widget.nl.eu.criteo.com/dis/dis.aspx?pu=184677&cb=637b38321202b802ba56b883aeaa7b8b
178.250.2.151200 OK 0 B URL HTTP/2 widget.nl.eu.criteo.com/dis/dis.aspx?pu=184677&cb=637b38321202b802ba56b883aeaa7b8b
IP 178.250.2.151:0
GET /dis/dis.aspx?pu=184677&cb=637b38321202b802ba56b883aeaa7b8b HTTP/1.1
Host: widget.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: text/html
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
timing-allow-origin: *
server-processing-duration-in-ticks: 718654
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CUT3342T
34.107.148.139200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CUT3342T
IP 34.107.148.139:0
POST /rtb/prebid?cid=8CUT3342T HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4589
Origin: https://www.dramacool9.co
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:58 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Mon, 21 Nov 2022 08:34:58 GMT
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.2.130:0
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Thu, 16 Nov 2023 08:34:59 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
platform.bidgear.com/ads.php?domainid=2175&sizeid=3&zoneid=5787
104.26.3.107200 OK 0 B URL HTTP/2 platform.bidgear.com/ads.php?domainid=2175&sizeid=3&zoneid=5787
IP 104.26.3.107:0
GET /ads.php?domainid=2175&sizeid=3&zoneid=5787 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:55 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsfhfFzw42xtvxV%2BHyQY3hgAXQhuMPLuPx9oZTvoVvks8WxaSA98Od%2BgjZaCqiSBCMxPf2ZVuZaQ6RS3Do7ssc0r1NrQVcv9XzY%2BlVZIejuFqAH55WUPNYDypF6cbM3elJFDb14T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d816ca591eb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833
104.26.3.107200 OK 0 B URL HTTP/2 platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=6833
IP 104.26.3.107:0
GET /ads.php?domainid=2175&sizeid=2&zoneid=6833 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:55 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOcvtbLbfR35BdP0Z12kLa5eBXBhnEIRvYTGSJgniH3a5vkLn2lqgIKGKPbuXq6H2MktNNzdfk18ui1GClMgASJR2IlHJBK5%2B8SpG%2BY5x1T1gkAKXZfLJ8SDEUNd8rZ5ZFjA3xo1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d816ca6928b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=3133
104.26.3.107200 OK 0 B URL HTTP/2 platform.bidgear.com/ads.php?domainid=2175&sizeid=2&zoneid=3133
IP 104.26.3.107:0
GET /ads.php?domainid=2175&sizeid=2&zoneid=3133 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:55 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GwFJT8shyvbUYS7yzAd1S35UCcy4KzAzzTOgQhk0oGONXJSnzRYjFxrsv2wj2Re%2BY0CDaYOQrWFiAOQf9Z%2BNYB4MHExXYv2PaiHf5A7n7TzRQJh7UHWZYoBgtAQtXjfjVaMe7k%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d816ca794eb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=1&pid=2e567e935d0840a1a3143e1db1b91859&sizes=[[160,600],[120,600]]&slotid=b7ba32ba-58bc-4d2a-9326-2a3156cd00b4&ts=1669019696353
52.204.242.76200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=2e567e935d0840a1a3143e1db1b91859&sizes=[[160,600],[120,600]]&slotid=b7ba32ba-58bc-4d2a-9326-2a3156cd00b4&ts=1669019696353
IP 52.204.242.76:0
GET /x/b/?idx=1&pid=2e567e935d0840a1a3143e1db1b91859&sizes=[[160,600],[120,600]]&slotid=b7ba32ba-58bc-4d2a-9326-2a3156cd00b4&ts=1669019696353 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dramacool9.co/
Content-Type: application/json
x-purpleads-version: 2.2.12
x-request-url: aHR0cHM6Ly93d3cuZHJhbWFjb29sOS5jby8=
Authorization: Bearer b2ceb012c83b9a7144bd1478208f267a:9ab0b065d3810b2fd9aeb6065b8ee85871db6fe4c4ad32f49fd0fc672f69e09f3081599e2f6e24b5210a9db2e188856bcf18a03638f2ecaa4014d5b7915c430d
Origin: https://www.dramacool9.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dramacool9.co
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: 11554cc0-f277-4ba7-85e4-cfe5c099eb56
etag: W/"d22-8Z0Q9A+AGKiCRayoIBbpVvh9FYY"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 0 B IP 104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dramacool9.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 08:34:56 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwvQ8Lhc4NYH2naMXT2bTgOuafezNKnz49b1G6qbbegOEXbMqc4zxinIfQ4pP39HWl6Oo22UvkVCTkk0GfxBCGcGuRn4uT229ni%2FoFp9x%2F0kFajkzFLA79%2FXlVvr5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d816d1dea8b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.2.130:0
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 08:34:59 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Thu, 16 Nov 2023 08:34:59 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2