urlscan.io logo urlscan.io
SecurityTrails logo

dramathen.com Open in urlscan Pro
2606:4700:3032::ac43:d2aa  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rfdjuitgfokl.ajalo.com//t/wlx65x0qr/r0f656325x4611x84579x13325392x9044625x1256970252x4520258
Effective URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Submission: On May 20 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3032::ac43:d2aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is dramathen.com.
TLS certificate: Issued by E1 on April 17th 2022. Valid for: 3 months.
This is the only time dramathen.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 178.255.47.116 200088 (ARTNET2)
1 45.12.115.151 35913 (DEDIPATH-LLC)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
42 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 13.225.64.251 16509 (AMAZON-02)
2 104.19.135.78 13335 (CLOUDFLAR...)
1 7 35.186.226.184 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
2 2 107.178.246.49 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
64 10
1    178.255.47.116 (Poland)

ASN200088 (ARTNET2, PL)
PTR: v47116.artnet.gda.pl
rfdjuitgfokl.ajalo.com
1    45.12.115.151 (Los Angeles, United States)

ASN35913 (DEDIPATH-LLC, US)
derbyholder.com
1    2606:4700:3036::ac43:a62d (United States)

ASN13335 (CLOUDFLARENET, US)
sieradistinct.com
42    2606:4700:3032::ac43:d2aa (United States)

ASN13335 (CLOUDFLARENET, US)
dramathen.com
1    2606:4700:3034::6815:22dd (United States)

ASN13335 (CLOUDFLARENET, US)
trk-tempore.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    13.225.64.251 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-64-251.ewr53.r.cloudfront.net
sc-static.net
2    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
a.mgid.com
7    35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
3    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
4    2606:4700:3030::ac43:d1bf (United States)

ASN13335 (CLOUDFLARENET, US)
event.trk-tempore.com
Apex Domain
Subdomains		 Transfer
42 dramathen.com
dramathen.com
3 MB
7 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 1033
2 KB
5 trk-tempore.com
trk-tempore.com — Cisco Umbrella Rank: 79968
event.trk-tempore.com — Cisco Umbrella Rank: 181119
3 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
715 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 437
558 B
2 mgid.com
a.mgid.com — Cisco Umbrella Rank: 18545
6 KB
2 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1193
15 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
114 KB
1 sieradistinct.com
sieradistinct.com
788 B
1 derbyholder.com
derbyholder.com
446 B
1 ajalo.com
rfdjuitgfokl.ajalo.com — Cisco Umbrella Rank: 729482
297 B
64 11
Domain Requested by
42 dramathen.com derbyholder.com
dramathen.com
7 tr.snapchat.com 1 redirects sc-static.net
dramathen.com
4 event.trk-tempore.com trk-tempore.com
3 www.facebook.com dramathen.com
2 pixel.tapad.com 2 redirects
2 a.mgid.com dramathen.com
2 sc-static.net dramathen.com
tr.snapchat.com
2 connect.facebook.net dramathen.com
connect.facebook.net
1 trk-tempore.com dramathen.com
1 sieradistinct.com 1 redirects
1 derbyholder.com
1 rfdjuitgfokl.ajalo.com 1 redirects
64 12

This site contains no links.

Subject Issuer Validity Valid
derbyholder.com
R3		 2022-05-09 -
2022-08-07		 3 months crt.sh
*.dramathen.com
E1		 2022-04-17 -
2022-07-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-02-08 -
2023-02-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-27 -
2022-05-28		 3 months crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
tr.snapchat.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-13 -
2023-01-13		 a year crt.sh

This page contains 5 frames:

Primary Page: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Frame ID: 3008F0E930D64A73F755A1EA4ACB8BB6
Requests: 57 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
Frame ID: B4F452D61E9679756372771D9EF56EB3
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 16B9F4E346F2BB66D55C207C15785BD6
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 0ABDB3F1B583077C4B2CA6639380F01B
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1652888787603&pnid=140&pcid=7202aa7e-4b13-414f-8e79-1b87a5d29e7b
Frame ID: 8BCEC14CDCAC34C4414D7623DD15096E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GQ

Page URL History Show full URLs

  1. http://rfdjuitgfokl.ajalo.com//t/wlx65x0qr/r0f656325x4611x84579x13325392x9044625x1256970252x4520258 HTTP 302
    https://derbyholder.com/0/0/0/2d837fa7fea61968f8d928134a1270fb/605_5236_97548_1164/8520254_5264409/4... Page URL
  2. https://sieradistinct.com/en-3-1-1/index_2.php?id=23&s1=350314&s2=720682419&s3=991&s4=169 HTTP 302
    https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

98 %
HTTPS

50 %
IPv6

11
Domains

12
Subdomains

10
IPs

3
Countries

3458 kB
Transfer

3931 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rfdjuitgfokl.ajalo.com//t/wlx65x0qr/r0f656325x4611x84579x13325392x9044625x1256970252x4520258 HTTP 302
    https://derbyholder.com/0/0/0/2d837fa7fea61968f8d928134a1270fb/605_5236_97548_1164/8520254_5264409/42673711 Page URL
  2. https://sieradistinct.com/en-3-1-1/index_2.php?id=23&s1=350314&s2=720682419&s3=991&s4=169 HTTP 302
    https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://rfdjuitgfokl.ajalo.com//t/wlx65x0qr/r0f656325x4611x84579x13325392x9044625x1256970252x4520258 HTTP 302
  • https://derbyholder.com/0/0/0/2d837fa7fea61968f8d928134a1270fb/605_5236_97548_1164/8520254_5264409/42673711
Request Chain 57
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1653089568143 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1652888787603%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1652888787603%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://tr.snapchat.com/cm/p?rand=1652888787603&pnid=140&pcid=7202aa7e-4b13-414f-8e79-1b87a5d29e7b

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
42673711
derbyholder.com/0/0/0/2d837fa7fea61968f8d928134a1270fb/605_5236_97548_1164/8520254_5264409/
Redirect Chain
  • http://rfdjuitgfokl.ajalo.com//t/wlx65x0qr/r0f656325x4611x84579x13325392x9044625x1256970252x4520258
  • https://derbyholder.com/0/0/0/2d837fa7fea61968f8d928134a1270fb/605_5236_97548_1164/8520254_5264409/42673711
152 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://derbyholder.com/0/0/0/2d837fa7fea61968f8d928134a1270fb/605_5236_97548_1164/8520254_5264409/42673711
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.12.115.151 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
152
content-type
text/html; charset=UTF-8
date
Fri, 20 May 2022 23:32:47 GMT
server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 20 May 2022 23:32:43 GMT
Location
https://derbyholder.com/0/0/0/2d837fa7fea61968f8d928134a1270fb/605_5236_97548_1164/8520254_5264409/42673711
Server
Apache
X-Powered-By
PHP/5.3.3
Primary Request /
dramathen.com/en-3-1-1/
Redirect Chain
  • https://sieradistinct.com/en-3-1-1/index_2.php?id=23&s1=350314&s2=720682419&s3=991&s4=169
  • https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
28 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Requested by
Host: derbyholder.com
URL: https://derbyholder.com/0/0/0/2d837fa7fea61968f8d928134a1270fb/605_5236_97548_1164/8520254_5264409/42673711
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6ca30f6041e4ae9925e5c27b92b1c3483339ba91f02d4399ee8cb16120f8af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://derbyholder.com/0/0/0/2d837fa7fea61968f8d928134a1270fb/605_5236_97548_1164/8520254_5264409/42673711
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
70e8dfa57d6b7154-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 20 May 2022 23:32:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjLCdLNdqKc57UpM0OFeH%2BxRQRuAAyoPx2tlA4ZVKT0BxBqncvPIXqppi3Ic4ILpZULTsPteqvxKlAJxsYL0MLmHhu1GW0EKZmR5954iADdOoMRe2V7mSmCO6M1APkwTeb%2B%2F0FsC6g37s4cm"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
70e8dfa448a9ca53-YUL
content-type
text/html; charset=UTF-8
date
Fri, 20 May 2022 23:32:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDx3poM6s9h4Dd2xJ%2FMvUV0vCGkA2uCgsoPE9f6nWZ2Dr5LfNIN7JJ7YIMAozFwHOhoMxxg7WyLEaIntP2EUKe7ZO5vccy9VFhpa534VYIGmyflHnD1fRzJMjK2TVdyjrnx5cH30GjFn9IHgFvugfA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
stylehome.css
dramathen.com/en-3-1-1/assets/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dramathen.com/en-3-1-1/assets/stylehome.css
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d58d2b845f7f0acbfc1e66fd06334ab955c78e20a2b98fe526941db84d4e2ecf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413815
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 03 Mar 2020 18:25:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FznoF5%2B11EGkEm%2FexPZOI9sfHwKzWdDoTtm%2BdeW%2FEt2CC8gsKD6%2BLaZDEp1PbeUyHj%2Ft3hL6kiC39yj6opgw0Eies5aQAnRMAMXcgRIFgLm2%2BLrMYLVtEguNR%2Bh84h5tIUO3WHqth5rxuGJa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70e8dfa68f217154-YUL
expires
Mon, 23 May 2022 04:35:52 GMT
media.styles.home.css
dramathen.com/en-3-1-1/assets/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dramathen.com/en-3-1-1/assets/media.styles.home.css
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d32b089876a1b30ec52f286900c7311601c0868416123630b4c308f1c1f61d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413815
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:15:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGLD5TMWiPEVUhyk5vg88BysHJJGWjVbXqYwiUHbACqz%2F9beh63Gha7lDPAHgyIv2eBIB2dt%2FhYiuGIYHdk4HvfHLJ527VTqNhcKIWxcg%2BNUqKXyNAU17zdE5j7ADSsPZVYx0W7o4pHO34DJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70e8dfa68f247154-YUL
expires
Mon, 23 May 2022 04:35:52 GMT
normalize.css
dramathen.com/en-3-1-1/assets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dramathen.com/en-3-1-1/assets/normalize.css
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10844d60cd0fd12d194780a7d5521ac07b4dc525b40b9938d8e6780424f85d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413815
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:15:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZipO3gnfCTwT4NVXBkAhS7TkiZNfyxUWXtknqPLCs4BFcwH8Dkzoz7uPpQRp%2BhAd0RYx%2BnPi50XWBwFWaYrwNCxieTkpgnDdVMfv6bcoTtd4j4ZvWsc%2Fjv9YuOAID%2Fl3N3MeMbhSP50N7da"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70e8dfa68f287154-YUL
expires
Mon, 23 May 2022 04:35:52 GMT
css.css
dramathen.com/en-3-1-1/assets/ 		0
0
css(1)2.css
dramathen.com/en-3-1-1/assets/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dramathen.com/en-3-1-1/assets/css(1)2.css
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e97e4cdd1c76bfaac07700268328f23c99b16f9f25938068432987327f42b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413815
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 03 Mar 2020 18:14:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=337nbJNsWorBrG1OpchKpfY5yVLzdSJ9w5DazzLPENCj94UF%2BB00IJ6QaHqUBa0tuLcxlvMOzL7gCz1TsHJllfKkn6w%2BiD%2BrveM2laqiAVjzXIihxHuOk47WUic5b2mQsiq08COF1Mfg9sxC"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70e8dfa69f2a7154-YUL
expires
Mon, 23 May 2022 04:35:52 GMT
all.css
dramathen.com/en-3-1-1/assets/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dramathen.com/en-3-1-1/assets/all.css
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15488250d587b1a0bd0c5da73cad740221972996546a199fb3dcc4c7a0693089
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Origin
https://dramathen.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413815
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 03 Mar 2020 18:27:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLzxug7g8YTxngmv%2F0x0w2kJilHfFJ8t8oQh1Xd7MGOOkyz%2FrnlToY4QgEZdXH53iImzAPmLPyNXSMIGI0x3KkNRMiJh0tMnijJ8Tzbk4LGGBMTh6aVkbv85MzKFS2xDRWdlqMGfFBpBEsCS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70e8dfa69f2e7154-YUL
expires
Mon, 23 May 2022 04:35:52 GMT
jquery-3.3.1.min.js
dramathen.com/en-3-1-1/assets/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dramathen.com/en-3-1-1/assets/jquery-3.3.1.min.js
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413815
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:15:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7X8qIYJ8r9q2eCdNbt1iyRhRAzLjGU0bhQ%2B95BthkWSmpovzVNQTUG7NUz9lwN0bl1ueYlBFDteQb2rYrhkvnDLvuklNVC0xomiBp6Zco6AF1OVihd60yiXrDRqV4%2BtRrk%2FFd9bEd%2BIivcB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70e8dfa69f327154-YUL
expires
Mon, 23 May 2022 04:35:52 GMT
msg.js
dramathen.com/inc/ 		941 B
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dramathen.com/inc/msg.js
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfb6708f8e8d5277007f904e261d1e4c7dc1c9240b04bbaccf4ddf472b3cc95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413815
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 10 Feb 2022 13:35:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtCOQ3ZAPusM0SfN3j1xgQTNdlkgPajl0cgEH0SU1njMWYgzhFZh4SVp97a78Tm6VTrJtNCtpha5fVlBjQsgDj6FeK%2FERsPp1yD2poL3SjqIVyKzucOlsHCi2HwZHqscP%2BjT%2BOux5NR6Qr1f"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70e8dfa69f367154-YUL
expires
Mon, 23 May 2022 04:35:52 GMT
fbcode1.js
dramathen.com/inc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dramathen.com/inc/fbcode1.js
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413815
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 07 Oct 2020 23:35:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2roAg9Sm%2FdZuvfY%2B13h6Ex6ihFc1hZXpsXi1KoVa9euLqPtIoQZdZQJfYCjUDimXP7EM5g%2B4Z6%2FrGNjGWknxhL2xSfDvXg8jFVUFpFEFxLQJfVdJyysYsms2FPoF1aCi%2BY4jLePiFs38fbU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70e8dfa69f377154-YUL
expires
Mon, 23 May 2022 04:35:52 GMT
menu_icon.png
dramathen.com/en-3-1-1/assets/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/menu_icon.png
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3adb041090c177f537a9fe8eaba68f263c2db05093fceeb81402600ea987e362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413815
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15503
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRsIyxH%2Bft3SKp7p8gWSSqBXpEpe2JqmeTz79nkZOZIxMxx%2FMICJF2YLig%2F0m0WXknTZRwduK1Xi0E2fe5fIkuQr87fUQP8TMShhpTo3KO5fVFtbXBfroWDklxGVFNDDUu0w2Sx82RI7Yt0F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa6cf7d7154-YUL
expires
Mon, 23 May 2022 04:35:52 GMT
gq_logo.png
dramathen.com/en-3-1-1/assets/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/gq_logo.png
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acfb20c4e45023943289876b0509f910c1f09e536a46af718538441c6c8f7d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26829
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6ZmgofIiIXg%2BqfbyTRRcJ6adPgvRsixn9URz9pe1%2Ft4aQOld5DjW9QxfgDSNhhQ%2Br1iOOJLIx7wRhD3Ok%2FuzYfzaL5NId%2FSfAb1Og36NyP2TAFJrOD5WGBCro20oUhyibudFTqDC9IYeUCt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa6ebbb714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
pic1.jpg
dramathen.com/en-3-1-1/assets/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/pic1.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51fbcded2ea45ee24f4910b6d4721e01b7799cf20a833c5fbeb667bb9a806c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21398
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEsuTG%2B5NfEDfYwSBiyIFLkbxY62hQpX8vWj6oXHPRknZLtn8n3ahdmGRGHg%2B%2B%2FzvFfqq8fmrSMzYYXVXG4BlqPhsRtDjHxwVXp3NowU6samWT1kWshQQvRReYJdHzl0cW3SzLa6476sXDXg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa6fbbc714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
pic2.jpg
dramathen.com/en-3-1-1/assets/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/pic2.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83bc8dcab86bd2d534f9879f40766e5215b888d3e5f80296c0584664d3d4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21004
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oW%2Ft4hDY7VnIvJqnf8YCYMa%2FfIJK6bXsX2aVfMgnMmc4w5nRLaJhgZjI28tAqchvU2MjoG2JZXZNTS1Cy5%2BEWOlqzVdGxb4l2Ozmzfut6Ccl48zuOY%2FdKhOxfWJoyJ65koUplEKNRUuW80yc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa70bd1714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
pic3.jpg
dramathen.com/en-3-1-1/assets/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/pic3.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a436f6e9fac6f797912fbcd4d4f16ee6015a7d0ae99d0aba11280f1b65562853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23577
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6SwJZuyhk3meqHfeUVCiXOSac%2BTf96crq4dl5pEuN52WAo%2F979kD7e4LeisoHdK30jRtlZCTjvJo2el7sUyTHIwIhuS9ZhnkIIDiyBVbsT83BeU6gxf8d0sLkoEJec60S0Nyq4Oy6w04LUH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa70bd2714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
pic4.jpg
dramathen.com/en-3-1-1/assets/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/pic4.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13822ffed601ca9c7ab190faca42ee4c4552923f750349063dddc0847c5e3b4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38531
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19666
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhWSkBXKYjt4Lt%2Fl%2FWeZ%2BX6bCzLJnVOJgfhNNBsuvYQSw1tIRuQ31bF5AGloroGILRshjmkqi%2F79LP%2BAjpKEsMUWz8JQwdErtghLwo5UPwoQVXik0bcDdVqDmhYX1ZEc%2BmJYNC9njjhGZhY%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa70bda714b-YUL
expires
Fri, 27 May 2022 12:50:35 GMT
pic5.jpg
dramathen.com/en-3-1-1/assets/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/pic5.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d526fad070c76f88e2da30db5c682735e9688ae53c70a8f3a891cb7621dbed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38531
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22272
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHofy4tvgmOQ52XxHw%2BjjiGPDBfFR2lSi0jprarbrrLfBLuIbbKhM3ofz9GfTisZG3v6ofqmDOzklgvop8L7MkZsU9v5ufDZ58Q8WtNHrcJHkDpRfSjvVCYQV%2FlFwPtZvaaq2OFqEmEvXwZo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa70bdb714b-YUL
expires
Fri, 27 May 2022 12:50:35 GMT
pic6.jpg
dramathen.com/en-3-1-1/assets/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/pic6.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0a5607c5dc1515f3d370b114f2ce55f3979d9e5677821f14b854c47f71f09b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38531
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26888
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:18:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBLWFxa0qrkTsAKmiV6W4ZaDXJL8p0hAi2az1zMwcW6jAyVVixUEkMLzxIENKkpuppVVjZVJsglT0fuVfr2GPNKg%2B2zU1QwwQs7%2Bj94PX4dl7hvjn5jHsm4ufSq5ijtg1FXIvfKux%2BNRABES"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa70bdf714b-YUL
expires
Fri, 27 May 2022 12:50:36 GMT
pic7.jpg
dramathen.com/en-3-1-1/assets/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/pic7.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63adf7b7e9675b57340e7346b44bfa102244d7706f3dcfc93167e6ca6f448c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21211
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:18:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r51iYjqhGi77K3saApWwicdP6mTWgMW4PBlL6HaFE%2Fiy6nvJQzQgsFiqLuNGcQ5cXOUZvG7%2BIdCldN3SfmEdJwVIcxV4N%2B575xNh7o2VX68so2mIC14F8ju3tknid9VCufOieoWv0reo%2Byky"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa70be1714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
pic8.jpg
dramathen.com/en-3-1-1/assets/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/pic8.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d3481d538ff6f39043c79c2d6ba3e0b75e3e646ba7307c874a9d9bdf91a24dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18635
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:18:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shraddgSbMgNz%2FDLLIe3xiaxCH66ks%2Bm9oeCcXH0DkrKnhgkU%2Fpw1%2Fgl3lTykNbP7KD%2FmC3hFhQ%2FdV4Rxzuq532ojTMOzcwcdqVATHpGIW2TbGTbSlxF2UZ4HRP6KWsaQ9DTz4Qk58IWO76V"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa70be2714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
pic9.jpg
dramathen.com/en-3-1-1/assets/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/pic9.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
232e8bfeb616bbf7b18a25712882c00c1a1d546ce3873c055c49cb35ef648054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38531
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23697
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:18:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5yfIhjWATgXSXMS0GdGBV97dcNM%2BsWf%2FpWacOQER9OQ9ccP0xLSPb54sEEh8%2Fwpblksgjl5q9R91NLtcTZLHFD0K44UWf%2BtFZ2NpuDBd00fHVOLKWAAaEdKafoxHSm%2BZri25bKtsSVtP1Wr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71be4714b-YUL
expires
Fri, 27 May 2022 12:50:36 GMT
pic10.jpg
dramathen.com/en-3-1-1/assets/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/pic10.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc9583e8d949ef66df3245119bd80a865ea464de96f5c381cbbeaa12f2a497f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20053
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bVFGu5Yohbo6g30osJRf0gVkJnemT6EJRL9HCsGZK694h5%2FmLn3uXQ1%2BCxvzKJcgNyDbZRfqUWSmWjm4CLI0moV3boneFQkokSTD11TODEoiCO4McFwDAYZpqdGbJym4cpYvsz%2FpB0DVE4v"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71be5714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
pic11.jpg
dramathen.com/en-3-1-1/assets/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/pic11.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d07e8444ee37797a824fbf89f0a0d3553e01289185be0400ff7ef13afa9950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20009
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZoEhIDPAqFaVYHJb%2BD2votZalZcgY%2B6ATvJ%2FyacPepQFdG78%2FLHasVme9rerB3y9nn2rzEQ9riMDxBdXnoknRQLB0TEPsnSmui%2FIzda9JwqGzYhusuU3bYM57mn2HKyNP4ZY0wbUK87PB5f"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71be6714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
vi_top.jpg
dramathen.com/en-3-1-1/assets/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/vi_top.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
217ae52225102032da93065a804628b20e0e4ddd283a34338ab8c9c867e20b2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
93603
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:18:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utMwOkx3uzbFp0qjl2bmcwFEq3%2Fa9PpAPCQNR%2FKhT6UkakUQYNZzBP8YqhlvyoaQxzrO4AssAbvs7h8qtlRdJEtFcSMyPspeqyo8fM8p0OdoF8pBoq4TI55pOTebI94U13ia5umJKrYCcbr0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71be7714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
461777879.jpg
dramathen.com/en-3-1-1/assets/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/461777879.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f58ea7dfe34f0f6c590e3bad2f46e132b8d114e8cfd64b4ce5e71c65524af2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53241
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kPrmbns8BC%2Fe%2FlDwiqHTeICuYSqoqu9XSgPR5HKVIibMsRjzFS4D5aem1J21RfIX%2F4sjeXDBHGmIYl26Ar4bmwAYfuYmHgj7h8hyWhk5mbjuS0ODeEKAnRqyTMt%2Fiu9A%2B%2FzfY0rviAXw90L"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71bea714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
2444.jpg
dramathen.com/en-3-1-1/assets/ 		377 KB
378 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/2444.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d39273233cc7cef9386b2926077b1c556ac2fb39b84104dc1d8663310f612694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
385955
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLTFk4H1U3OIbTncxHRM%2F2YQVMp90XqPEpLQ9Loxu8DuiUtpZ7fVcMPlr5pdhWd5x2AU39GY5%2FuS1GqpTQ1NdaYLoRCcl%2BPkGycelW7VKyXPpouWLkiK%2Bk8kqmGPzkkCihwP2LKSdyt5hlon"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71bee714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
sensual.jpg
dramathen.com/en-3-1-1/assets/ 		593 KB
594 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/sensual.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46f6b4f26b01c07c007271ba3fa7f9ace95641478d0d5c5fc256cdda4351ded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
607317
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:18:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2Bl49Ij%2FF73iQeERkeRa0x5k5F9dwRdE%2FLIsPrK4LMjgeYefyH%2FU8vv4TrdyNu%2BdrF2WLDOwUVDdTIg%2F3l%2Bm89S%2FlYw7vxLMw2QDxEaJWjA3GhCwyqS2b%2BFhP9LuapmT1kxGCQx7yS9rIPuQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71bf2714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
image.php
dramathen.com/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/image.php?img=productimages/1629839443.png
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de746af69a7bfc61859836df6cc3807ad68a611c14e44ac853b69750158cae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:48 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUisFLQKmNagwotkHYlwyzU%2BV9DJ6buWKr7hu3n%2BrwKl%2FU5TArCXoJ15XbO5UsCkb%2F4HnzeWbXFa8Zmtgxn5OpZmBlBeSsoV0lickDPjOYNmojQNJ4DqWXI4gfOWBl0H%2BR4f4XlCiWrDTNaD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70e8dfa71bf3714b-YUL
expires
Fri, 27 May 2022 23:32:47 GMT
button.png
dramathen.com/en-3-1-1/assets/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/button.png
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
437e8ee2f95b83ac2b42df78ecdcc8478721d69df1c560e95a5a93378621a7a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24112
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Zdumd%2FMzfot%2F%2FKSPcAgZ%2B%2FwhLIdW6HGtmYrg5MeyaEB46a669I%2BpzmNcH3gOM7i2hajEdIoJGCuAz23BlLlIv5k%2BmV2RYI%2FTdEJYVpwyRnAozBrMeh5jFGh5G8mAs6cDpFZ%2Fa4kjONpH9ac"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71bf4714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
16.jpg
dramathen.com/en-3-1-1/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/16.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2197
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:20:18 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gv5VT79XMtoI5R%2BcWlc6Sf1gFLyyzHTQtrJaQ6D3WTpOk52LjRUpIBWewLkFH%2F6UzpiRwGS3if6W1uXCgoc3JjBhzgvbCHc6NDHTOQLarjQO1zNwu9Yji04CrZLCcBXpGXYzEY31RqIey%2Bio"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71bf7714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
17.jpg
dramathen.com/en-3-1-1/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/17.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225e625140a6dc5b7ea7ea7cdb1790f9a5f97b88660c35a80744c4002cf97a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1721
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:20:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28fv15POJiGHaSiUtcZpu6hkcCgris5hHwa2417r96xDrBe8WRdSy8FlC1YZEzKbxf%2FyV2BTEtEdJQZWJtogfbe5aBORz7VSqycn0bHwyoQXFJK1cJVEuZawzJGLiGRyNlXT54KaLHO8fsR4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71bf8714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
18.jpg
dramathen.com/en-3-1-1/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/18.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2208
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:20:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFwMonEgoeZFH7%2Fnx8miGY11rhwl03ZlntzkgPnm5jRELbSi0YZuoVHo6cYakOP1lx7vA3hqDpl9e86J%2BJaQvaVjQ6NFdoK4lSf2rw7QwCtw5qd6lnoI3m9EB6tE0esv6FqSFhNd%2FaU7WGa%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71bfa714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
19.jpg
dramathen.com/en-3-1-1/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/19.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8967e92030ed0a00a387102752bf579de79417622c50475757e360990096e5c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
104909
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2201
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:20:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGO%2B0Wkw1VGSZafLYIePlm9Kw3FPXTHOn9v6J623V7KXunCpJq2DxEi89OC9WLqStafWqlXx3lSW4a2eoCBwxo9ENutOc1%2Fdhzw21o%2BSrV7PXMUloB1rZcnMxZySFt%2FsLautUK%2BFTYVsGTEw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71bfe714b-YUL
expires
Thu, 26 May 2022 18:24:18 GMT
20.jpg
dramathen.com/en-3-1-1/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/20.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eef632303bbe9319d81a3eba67c232f73377b49fbe412fed44a69fff918c702a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1498
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:20:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBaURn9CG8YtQUC55FOLJgA9%2FH8%2F0bfCRMSKahCRdcpHuaMDXS37igqVCJgIstL865FE0woRoKK%2BA5f5AyrK06DZwrJV6Vgth%2BIyBE%2Ff2mDAxP3eBdsnR57p7IzzEyoJydkB8V5%2FezaZCe%2FU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
User-Agent, Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71c00714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
21.jpg
dramathen.com/en-3-1-1/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/21.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a62a7b5ff4b5b98dd53c4fa08d66f2491b00e392716a92ab180e775931d6e0ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2512
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:20:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyEF%2FQ%2FkxYFbSi6bxrTwBy23%2B4DMJliYYYdWrOJatSAm3TQtbCBNNiLtdba%2BM%2FKPO01%2FGc5wzaa9oqv5ysUHFhwEcqiDDXgQk49mBon47Al9D%2Bcw1WRz%2FfoXENuT4FHV%2B3C5cPnmqMTQGVoA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71c01714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
22.jpg
dramathen.com/en-3-1-1/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/22.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38531
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1597
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6hjGOIbAenOWSKxxNxEb5kAvaID1Musin%2BaP1bZjTgimM3AQM36GGVz5%2FTBL9hiD68yJUZPK5Osng8WyVItEpYRi%2Fpu%2BEtZWryVGxKmvF5xScDIxRhOH3T4iV97ZiiBpLhp2NUm3M5Q9%2Fhk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
User-Agent, Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71c04714b-YUL
expires
Fri, 27 May 2022 12:50:36 GMT
24.jpg
dramathen.com/en-3-1-1/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/24.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
883c2959ff08798d569125c363c9fdce1f90788941b8ad9bd4c8ee9b87db31c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38531
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1619
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyfhUjYaGQrRjl2kanoztZZxygCPaw%2B7ieAgPsbP0GHJdhdF%2B7MnMSiv4ij4kiH%2By4KFEDwPnhKHFsqRuRkYWzZFbVZb0J%2BKEfUr8yJRFzjK77yyvCF%2FkFPcGxGuWUls8IXuFH%2BofFnK7AFG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71c05714b-YUL
expires
Fri, 27 May 2022 12:50:36 GMT
1.jpg
dramathen.com/en-3-1-1/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/1.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2833
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:20:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxAmFmpgmfAi3CdB%2Bec3NXH5xozeSw2N1IYSMgaN6SONskZSk5xlfd%2FukJYXTcgl2Kpr1zwDAiK5L2vt10nQu1pLvyiP%2FhRennXTKBtOt8v6Aa9TJ%2FMibXKl5saMtRpX1db3Fb7oet83e9b0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71c06714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
2.jpg
dramathen.com/en-3-1-1/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/2.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c78bb71257b58cd8897f2d79533e404e9505d39273341be31f34449e79d8e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1845
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:20:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lICK41E9V79%2BzYJ5ODw%2F9idno7xzR%2BkHPkFL2g2CvMDm9pxlj20Q0Tw1sqrs7orvxjSSzUgWZ5yEHuNpK5gYdCj%2BNSNNI%2BvfK7chkHVzjQBD9UHJyj4%2F%2BF1%2FXa0TmbcSCw9DWA3sGiDoAfs%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71c07714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
3.jpg
dramathen.com/en-3-1-1/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/3.jpg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
382865cf929932d15c75700d49484eb5a72ecf1763a1a4277c32f097561ccf57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1834
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdOj%2BhY03GG7T6sSkjYCmk2HnT7JCqWB3K%2FDtLm1vZZCfbwCe8nj1pFIIKEdrPka585hFXdNtfq2W7Y%2F1QDynK6d%2BZPOEqsRkKaGgxwQLliyP9yVAVia7FGT0PqUnePa%2FuC6KeoHUJyhwU%2FJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70e8dfa71c08714b-YUL
expires
Mon, 23 May 2022 04:35:53 GMT
conde.svg
dramathen.com/en-3-1-1/assets/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dramathen.com/en-3-1-1/assets/conde.svg
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bfe03fab7e26dff2a26572faae22abd7071446ad2543fce8b32c74d7993c456
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38531
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 03:19:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwXKe8oUWghviTLos%2F7fXyweQ14yR%2FuMc1pehauBfVcw5XpeaN0qde4TONT%2FbxXoKYmbEkOjFYBCaXYsnH3%2FTma3CpO84LVuUQrJkGnTO47Zv3G636EXmz919pwAJetZ%2FOg3%2FlOyXQKfoz30"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70e8dfa71c09714b-YUL
expires
Fri, 27 May 2022 12:50:36 GMT
v9e118mez8
trk-tempore.com/scripts/push/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-tempore.com/scripts/push/v9e118mez8
Requested by
Host: dramathen.com
URL: https://dramathen.com/inc/msg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:22dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa4b74cc94b96ff49ac4462f2a335fcaf85777e2a8857b805d08da763d8647ff
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y27ORke0a7U%2F5bIWakPjHadoH1o2QFnDxfuJVsHvW7RQ398s1aHJ795FQZzl59n7NM6QL77f0hkUHPGmGUoCjvAul61DA%2FOT%2BMLdRTryNksHJJhDZPZ%2FuJj2sMQfFxnDAQzJBsbHHsMScsJt9So%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray
70e8dfa76a00ece2-YUL
expires
0
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dramathen.com
URL: https://dramathen.com/inc/fbcode1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
U1AFl0Q7+Y6IoQpBZO3i9zfi8LRDKIFEMxJ5IXLXh+P8E934RJQjIXdE7JIPk71hVyrLiuzlNYU6JfWFOwtyfg==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 20 May 2022 23:32:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
scevent.min.js
sc-static.net/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: dramathen.com
URL: https://dramathen.com/inc/fbcode1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.64.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-64-251.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
73d373ed5f48efd137d015e250ac11d368fd987b41d6dba88e81578b43e219a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
EWR53-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
7166
via
1.1 ab3cd7cfdd9d5cf21e29b3ffd33aa170.cloudfront.net (CloudFront)
x-amz-cf-id
N3yML0wSxaarJ17Ed5cxYVEaFi6fadYB8X1YCpEQGts8v-gXT1nweg==
mgsensor.js
a.mgid.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mgid.com/mgsensor.js?d=1653089567836
Requested by
Host: dramathen.com
URL: https://dramathen.com/inc/fbcode1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
4858ec28-b9d0-4c2d-9179-9f4ef36d5954
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
70e8dfa77b2df999-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
buE4poGnedXvwjX7fmRD8iI_.woff2
dramathen.com/en-3-1-1/assets/assets/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://dramathen.com/en-3-1-1/assets/assets/fonts/buE4poGnedXvwjX7fmRD8iI_.woff2
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/assets/css(1)2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dramathen.com/en-3-1-1/assets/css(1)2.css
Origin
https://dramathen.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DybSGdRYfU%2B06CHpfeBGROQLn0g4UDtTN4DTg4droT2GgDO867pV3OcFgSXiBe6HLylJUchPuSHb543ugslFDaBi4KbS2asAL6fhbe%2BPYBYlVfmiZTBNbKly3SNK6uIOWB%2FuCBEvndkZkBXE"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
70e8dfa73c20714b-YUL
buE1poGnedXvwj1AW3Fu0C8V-txK.woff2
dramathen.com/en-3-1-1/assets/assets/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://dramathen.com/en-3-1-1/assets/assets/fonts/buE1poGnedXvwj1AW3Fu0C8V-txK.woff2
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/assets/css(1)2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d2aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dramathen.com/en-3-1-1/assets/css(1)2.css
Origin
https://dramathen.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rH9Rnmh6d1wMEA%2FwgJVp1ERiv76qRVs9pe0lIaWu7r7UvoCHZEvIYiIVlve5wdOiJ%2Bbr36W85uaNX4Z2cIaZQI5%2BSeHpTt3Yn0CB89jGctFj9fj9HYpvAzIFLuxrlL1loAqou2fctqdnR8Ny"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
70e8dfa73c24714b-YUL
399694290689525
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/399694290689525?v=2.9.60&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
21e64d024aa24a971eaa07a66b05c6c6634cb6f777fe584168136923cffb45df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88882
x-xss-protection
0
pragma
public
x-fb-debug
n+HFQ8EF4mfAsPSSCcuJCPYWX9/EWQyBa2FSBfvD8gYFlChHhq4jQFfiT7d6l+eL/ocwk3sbi7TkFieiB3y8hQ==
x-frame-options
DENY
date
Fri, 20 May 2022 23:32:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
init
tr.snapchat.com/ 		126 B
393 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/init?pids=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
d4d2c5c9d0208261f7c2b111958538a938334cef0081ecc6660fc28a9cae2c33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:48 GMT
via
1.1 google
server
nginx/1.19.6
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126
is_enabled
tr.snapchat.com/collector/ 		63 B
126 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=cc25c7df-1e44-4f51-8ff1-8c175d6334c1&tld=com
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
78ab8776c8f68316d19152a9ca8954b8abb84868d60a268d5db5fdeba3d68eb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:48 GMT
via
1.1 google
server
nginx/1.19.6
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
i
tr.snapchat.com/cm/ Frame B4F4 		672 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
672
content-type
text/html
date
Fri, 20 May 2022 23:32:48 GMT
server
nginx/1.19.6
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
1x1.gif
a.mgid.com/ 		43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=507061&type=c&tg=&r=https%3A%2F%2Fdramathen.com%2Fen-3-1-1%2F%3F5c316d47b4f0bef9d9e14fdcf3835ef9&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1653089568013
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
70e8dfa85af3a244-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
p
tr.snapchat.com/ Frame 16B9 		0
187 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Fri, 20 May 2022 23:32:48 GMT
server
nginx/1.19.6
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
p
tr.snapchat.com/ Frame 0ABD 		0
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Fri, 20 May 2022 23:32:48 GMT
server
nginx/1.19.6
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=399694290689525&ev=PageView&dl=https%3A%2F%2Fdramathen.com%2Fen-3-1-1%2F%3F5c316d47b4f0bef9d9e14fdcf3835ef9&rl=https%3A%2F%2Fderbyholder.com%2F&if=false&ts=1653089568090&sw=1600&sh=1200&v=2.9.60&r=stable&ec=0&o=30&fbp=fb.1.1653089568088.1797390402&it=1653089567985&coo=false&exp=p1&rqm=GET
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 20 May 2022 23:32:48 GMT
/
www.facebook.com/tr/ 		44 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=399694290689525&ev=ViewContent&dl=https%3A%2F%2Fdramathen.com%2Fen-3-1-1%2F%3F5c316d47b4f0bef9d9e14fdcf3835ef9&rl=https%3A%2F%2Fderbyholder.com%2F&if=false&ts=1653089568093&sw=1600&sh=1200&v=2.9.60&r=stable&ec=1&o=30&fbp=fb.1.1653089568088.1797390402&it=1653089567985&coo=false&exp=p1&rqm=GET
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 20 May 2022 23:32:48 GMT
scevent.min.js
sc-static.net/ Frame B4F4 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.64.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-64-251.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
73d373ed5f48efd137d015e250ac11d368fd987b41d6dba88e81578b43e219a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tr.snapchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 20:32:46 GMT
content-encoding
gzip
server
CloudFront
age
10802
etag
0d6e407936704bd380072f5891d28b0e
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
EWR53-C1
access-control-allow-headers
Content-Type
content-length
7166
via
1.1 ab3cd7cfdd9d5cf21e29b3ffd33aa170.cloudfront.net (CloudFront)
x-amz-cf-id
5R1e_kYs-PHMMV23vCO-EnzuFPOPLK8OydPj7ATRt6QPqXiPPx0tOg==
p
tr.snapchat.com/cm/ Frame 8BCE
Redirect Chain
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1653089568143
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1652888787603%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1652888787603%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://tr.snapchat.com/cm/p?rand=1652888787603&pnid=140&pcid=7202aa7e-4b13-414f-8e79-1b87a5d29e7b
0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/p?rand=1652888787603&pnid=140&pcid=7202aa7e-4b13-414f-8e79-1b87a5d29e7b
Requested by
Host: dramathen.com
URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tr.snapchat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Fri, 20 May 2022 23:32:48 GMT
server
nginx/1.19.6
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 20 May 2022 23:32:48 GMT
location
https://tr.snapchat.com/cm/p?rand=1652888787603&pnid=140&pcid=7202aa7e-4b13-414f-8e79-1b87a5d29e7b
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security
max-age=31536000
via
1.1 google
v9e118mez8
event.trk-tempore.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-tempore.com/register/event_log/v9e118mez8
Requested by
Host: trk-tempore.com
URL: https://trk-tempore.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d1bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 20 May 2022 23:32:48 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
expires
0
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66r%2BwN5WoqbPFGUl50XP94JgQB3xlSQFFPNyve%2BRa%2BHZl%2B7tB13vp1QLqeEvAfaqu2gDe%2BPP8cyOo5JI6POibd01NTfv61aj1%2BGCGCktsNQk8XKnlPORZN5j%2FlIADb9pjQNNOkiGMap5II%2B8mY%2FSf%2BBwZcg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://dramathen.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials
true
cf-ray
70e8dfa9ac4a4bcb-YUL
x-pushplatformapp-params
v9e118mez8
event.trk-tempore.com/register/event_log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-tempore.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d1bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dramathen.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://dramathen.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70e8dfa95aa67136-YUL
content-length
0
date
Fri, 20 May 2022 23:32:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3t7%2BPclrb5ahSjKzhe0Iqy8wtfmqbiCdxuaxGABuoq0atNLYSK37wwdxmTkAPwI03LPH1ZXY2p0bcb2QfOwtR%2FPP79tHBPeIynQDi76NFlGCpeDxuLM%2BFpvBa%2FhWz0tvvKGqNZsL9Lq6jHsHhkdv4BepuU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
v9e118mez8
event.trk-tempore.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-tempore.com/register/event_log/v9e118mez8
Requested by
Host: trk-tempore.com
URL: https://trk-tempore.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d1bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 20 May 2022 23:32:48 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
expires
0
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29NyEcu0JEIFClIDU7tIO%2FCJynM%2FP3%2FqnjyVbNy1KDr0v0A%2BD8CFI5h9cNyHD7tkSaTO7xTpsbdIZhOCtG9%2BLI6j%2Bh5MYDK4FmKfOWa1QyTKtWEU7hCDcIq%2Bin%2FNrc8sl6tDz984yWGe6kdMdaLLAG9ZbhQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://dramathen.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials
true
cf-ray
70e8dfa9ac484bcb-YUL
x-pushplatformapp-params
v9e118mez8
event.trk-tempore.com/register/event_log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-tempore.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d1bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dramathen.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://dramathen.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70e8dfa95aa87136-YUL
content-length
0
date
Fri, 20 May 2022 23:32:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8SzeGVw018DHTEMwhrjIOvHfnUbmQQqPE71BHBBc8BhcoeO44PIMlvbO1LrmgzwpCpzI9IW5kOGV6lf%2BLIYscaceM7%2Blv%2FrJr1RQoqK7jUDGf40oQvc8qYDKmffZHmZSPacWlU3MZYfgimmkxlTBlyiCpo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=399694290689525&ev=Microdata&dl=https%3A%2F%2Fdramathen.com%2Fen-3-1-1%2F%3F5c316d47b4f0bef9d9e14fdcf3835ef9&rl=https%3A%2F%2Fderbyholder.com%2F&if=false&ts=1653089569596&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22GQ%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.60&r=stable&ec=2&o=30&fbp=fb.1.1653089568088.1797390402&it=1653089567985&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:32:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 20 May 2022 23:32:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dramathen.com
URL
https://dramathen.com/en-3-1-1/assets/css.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery function| change object| MYCALL string| s1 string| s2 string| esource string| pshpub string| pshdomain function| fbq function| _fbq function| snaptr object| r object| MgSensorData object| butns object| menucont object| snaptrContext boolean| triedToSendCookieToNative object| WebJSBridge function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore object| MgSensor function| MgSensorInvoke function| MgSensorInvoke0 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgr object| _mghl

15 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
derbyholder.com/ Name: uid991
Value: 720682419-20220520193247-34e0bd73817d2f41c8899a02a34fe968-169
sieradistinct.com/ Name: PHPSESSID
Value: b19ab911b6c85e4095ee73b3dce5b5c4
dramathen.com/ Name: PHPSESSID
Value: be2ca36467e8ad8c866d3eeed7296515
.mgid.com/ Name: __cf_bm
Value: KdofoyG_1gvQe7hwp5z1l8ZTF5Q2RZdzz6IdlJnb0HI-1653089567-0-AUIUR/jIeL9+ql0EKFB8MxZ8MwLwmqudx7pIJ9mR+XknQumauYti6SjYLwtYRkVBc3ipfcxGVejTB0rs+D4a5f8=
dramathen.com/ Name: MgidSensorNVis
Value: 1
dramathen.com/ Name: MgidSensorHref
Value: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
.dramathen.com/ Name: _scid
Value: 49d33ecd-a0bd-4e6d-b129-a4ef2e76a6f1
.dramathen.com/ Name: _fbp
Value: fb.1.1653089568088.1797390402
.mgid.com/ Name: muidn
Value: m4kM-O74ZHwg
.facebook.com/ Name: fr
Value: 0QFlBNf3pnl9BeHTk..BiiCUg...1.0.BiiCUg.
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GwREAMQQAwIrMIAjphgxVpPj73r5WrjLzHtjDDYKhUIkNUe6Tt5KsHwkeMl3ooebvV/wAREYG+EAAAAA=
.tapad.com/ Name: TapAd_TS
Value: 1653089568266
.tapad.com/ Name: TapAd_DID
Value: 7202aa7e-4b13-414f-8e79-1b87a5d29e7b
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:

4 Console Messages

Source Level URL
Text
security error URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Message:
Refused to apply style from 'https://dramathen.com/en-3-1-1/assets/css.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://dramathen.com/en-3-1-1/assets/assets/fonts/buE1poGnedXvwj1AW3Fu0C8V-txK.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dramathen.com/en-3-1-1/assets/assets/fonts/buE4poGnedXvwjX7fmRD8iI_.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://dramathen.com/en-3-1-1/?5c316d47b4f0bef9d9e14fdcf3835ef9
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
connect.facebook.net
derbyholder.com
dramathen.com
event.trk-tempore.com
pixel.tapad.com
rfdjuitgfokl.ajalo.com
sc-static.net
sieradistinct.com
tr.snapchat.com
trk-tempore.com
www.facebook.com
dramathen.com
104.19.135.78
107.178.246.49
13.225.64.251
178.255.47.116
2606:4700:3030::ac43:d1bf
2606:4700:3032::ac43:d2aa
2606:4700:3034::6815:22dd
2606:4700:3036::ac43:a62d
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
35.186.226.184
45.12.115.151
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13822ffed601ca9c7ab190faca42ee4c4552923f750349063dddc0847c5e3b4a
15488250d587b1a0bd0c5da73cad740221972996546a199fb3dcc4c7a0693089
1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8
1d526fad070c76f88e2da30db5c682735e9688ae53c70a8f3a891cb7621dbed5
217ae52225102032da93065a804628b20e0e4ddd283a34338ab8c9c867e20b2c
21e64d024aa24a971eaa07a66b05c6c6634cb6f777fe584168136923cffb45df
225e625140a6dc5b7ea7ea7cdb1790f9a5f97b88660c35a80744c4002cf97a64
232e8bfeb616bbf7b18a25712882c00c1a1d546ce3873c055c49cb35ef648054
33e97e4cdd1c76bfaac07700268328f23c99b16f9f25938068432987327f42b2
382865cf929932d15c75700d49484eb5a72ecf1763a1a4277c32f097561ccf57
3adb041090c177f537a9fe8eaba68f263c2db05093fceeb81402600ea987e362
437e8ee2f95b83ac2b42df78ecdcc8478721d69df1c560e95a5a93378621a7a7
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340
4bfe03fab7e26dff2a26572faae22abd7071446ad2543fce8b32c74d7993c456
51fbcded2ea45ee24f4910b6d4721e01b7799cf20a833c5fbeb667bb9a806c94
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
73d373ed5f48efd137d015e250ac11d368fd987b41d6dba88e81578b43e219a2
78ab8776c8f68316d19152a9ca8954b8abb84868d60a268d5db5fdeba3d68eb3
883c2959ff08798d569125c363c9fdce1f90788941b8ad9bd4c8ee9b87db31c9
8967e92030ed0a00a387102752bf579de79417622c50475757e360990096e5c3
8c78bb71257b58cd8897f2d79533e404e9505d39273341be31f34449e79d8e55
8d32b089876a1b30ec52f286900c7311601c0868416123630b4c308f1c1f61d1
9d3481d538ff6f39043c79c2d6ba3e0b75e3e646ba7307c874a9d9bdf91a24dc
9de746af69a7bfc61859836df6cc3807ad68a611c14e44ac853b69750158cae2
9f58ea7dfe34f0f6c590e3bad2f46e132b8d114e8cfd64b4ce5e71c65524af2c
a10844d60cd0fd12d194780a7d5521ac07b4dc525b40b9938d8e6780424f85d8
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a436f6e9fac6f797912fbcd4d4f16ee6015a7d0ae99d0aba11280f1b65562853
a62a7b5ff4b5b98dd53c4fa08d66f2491b00e392716a92ab180e775931d6e0ba
a63adf7b7e9675b57340e7346b44bfa102244d7706f3dcfc93167e6ca6f448c9
a83bc8dcab86bd2d534f9879f40766e5215b888d3e5f80296c0584664d3d4c43
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4b74cc94b96ff49ac4462f2a335fcaf85777e2a8857b805d08da763d8647ff
abc9583e8d949ef66df3245119bd80a865ea464de96f5c381cbbeaa12f2a497f
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
acfb20c4e45023943289876b0509f910c1f09e536a46af718538441c6c8f7d67
cfb6708f8e8d5277007f904e261d1e4c7dc1c9240b04bbaccf4ddf472b3cc95a
d39273233cc7cef9386b2926077b1c556ac2fb39b84104dc1d8663310f612694
d4d2c5c9d0208261f7c2b111958538a938334cef0081ecc6660fc28a9cae2c33
d58d2b845f7f0acbfc1e66fd06334ab955c78e20a2b98fe526941db84d4e2ecf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46f6b4f26b01c07c007271ba3fa7f9ace95641478d0d5c5fc256cdda4351ded
e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00
eef632303bbe9319d81a3eba67c232f73377b49fbe412fed44a69fff918c702a
f0a5607c5dc1515f3d370b114f2ce55f3979d9e5677821f14b854c47f71f09b8
f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4
f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91
f9d07e8444ee37797a824fbf89f0a0d3553e01289185be0400ff7ef13afa9950
fb6ca30f6041e4ae9925e5c27b92b1c3483339ba91f02d4399ee8cb16120f8af