dramacool.sr/drama-detail/maids-revenge-2022
172.67.158.198301 Moved Permanently 0 B URL HTTP/1.1 dramacool.sr/drama-detail/maids-revenge-2022
IP 172.67.158.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /drama-detail/maids-revenge-2022 HTTP/1.1
Host: dramacool.sr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Sep 2022 06:50:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 07:50:25 GMT
Location: https://dramacool.sr/drama-detail/maids-revenge-2022
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfB5ZHxEzGVKrUPBmnpLTA1rcqgPx%2BAhmIwaUsCEMcxy%2Bj73Jvr7zcIU4LUng9fTctA%2BaFpDBPFXuge7IWlW5eN2GSgyYwOtQDqMm7LoISWkb%2B5hA%2Bq7c4lc68L8yO8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a73032bab0b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 06:09:27 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DinbfENLBrY_Ntms3w2sPAys3ggZH8e8qHgZlQ6NbWlhCq4GKDp-zA==
Age: 2457
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4769
Expires: Wed, 14 Sep 2022 08:09:54 GMT
Date: Wed, 14 Sep 2022 06:50:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g9PsOVj6xe1Aw67a71dIB1z7Lj7VoG74HUavqEej7h68QdgjHyf1kg==
age: 8110
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 06:50:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 14 Sep 2022 06:03:22 GMT
Expires: Wed, 14 Sep 2022 06:59:57 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OKIR709XwJErOySbu0AKfNE3m0u3-UHBjAEk7xzEWDZntk1rtA41ng==
Age: 2823
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5614
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:25 GMT
Last-Modified: Wed, 14 Sep 2022 05:16:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 5.3 kB IP 142.250.74.3:0
Hash 2600a8097139c85b6bc61676194c1638
a3234fecf4681a93914d9d0abc2b263cc5036a2e
3871aa9152344be12f30e3ac030eba68303dedca5d76dfee0b521d45643d853d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-223055057-1
142.250.74.72200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-223055057-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash eab18f5404b4b44e7ac4aec8da7d7019
fe1423ad15ad2fd9024e8b1431cebdf843b2030a
e794a6fd43eb880fa9cda86483bd88192d2fc09804a39797d2dd3a73ddf1b322
GET /gtag/js?id=UA-223055057-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 14 Sep 2022 06:50:25 GMT
expires: Wed, 14 Sep 2022 06:50:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43190
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 3.4 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e5fa88056dbbdf2e276de9fa3c5da119
357d4a813599b0e6d26abde2ae5482a1e18223bf
c4351e6e00ca7e326d65fb634959463a4cb8c99be25b825ca524700b2386b94c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "11AD53994C2F5025F16C7D095CFD2977588682EB99D027A8350FF0FA35343EED"
Last-Modified: Tue, 13 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12046
Expires: Wed, 14 Sep 2022 10:11:11 GMT
Date: Wed, 14 Sep 2022 06:50:25 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5fb531e1755814a270db67b082eaa9b7
5f56f7282b26328f81b5eff14b5c5bafea2ea24f
11ad53994c2f5025f16c7d095cfd2977588682eb99d027a8350ff0fa35343eed
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "11AD53994C2F5025F16C7D095CFD2977588682EB99D027A8350FF0FA35343EED"
Last-Modified: Tue, 13 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12050
Expires: Wed, 14 Sep 2022 10:11:15 GMT
Date: Wed, 14 Sep 2022 06:50:25 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b89ae7c844da380e702a13e4972318b3
c418f973c43bff94b93ec58c11ffd304b452b48f
945602fb480864b39de5dec2f4dd2b11ec1fdf7bc59407bb1d7f6aa4d4992d73
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "945602FB480864B39DE5DEC2F4DD2B11EC1FDF7BC59407BB1D7F6AA4D4992D73"
Last-Modified: Tue, 13 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1841
Expires: Wed, 14 Sep 2022 07:21:07 GMT
Date: Wed, 14 Sep 2022 06:50:26 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b89ae7c844da380e702a13e4972318b3
c418f973c43bff94b93ec58c11ffd304b452b48f
945602fb480864b39de5dec2f4dd2b11ec1fdf7bc59407bb1d7f6aa4d4992d73
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "945602FB480864B39DE5DEC2F4DD2B11EC1FDF7BC59407BB1D7F6AA4D4992D73"
Last-Modified: Tue, 13 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1841
Expires: Wed, 14 Sep 2022 07:21:07 GMT
Date: Wed, 14 Sep 2022 06:50:26 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.33.119.27200 OK 1.6 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9b07131efcb39fc543f06b866c724140
ff332a684bb1df27b0f0671de2ef312e3bd83a3f
647079e49e3a7859cd4d8849fe8a8b59bb7ab44ddced20a60781777cb242526c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "11AD53994C2F5025F16C7D095CFD2977588682EB99D027A8350FF0FA35343EED"
Last-Modified: Tue, 13 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12049
Expires: Wed, 14 Sep 2022 10:11:15 GMT
Date: Wed, 14 Sep 2022 06:50:26 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2e64a0eae72ace948efbbad9e4b1b23b
3fbe18ee4549cc4761581db50b1595219fde00bc
7697c5dc84da0c95d884f22b48d5bfff948522a93da04a0c6660d41f9d8b19b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7697C5DC84DA0C95D884F22B48D5BFFF948522A93DA04A0C6660D41F9D8B19B7"
Last-Modified: Tue, 13 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20798
Expires: Wed, 14 Sep 2022 12:37:04 GMT
Date: Wed, 14 Sep 2022 06:50:26 GMT
Connection: keep-alive
grunoaph.net/tag.min.js
139.45.197.238200 OK 30 kB IP 139.45.197.238:0
File type ASCII text, with very long lines (30861)
Hash 5136a2c146a8c29316ef83ee44870aeb
970eb381d39c4c3200c5325466d8f70ac49a2b60
c5df629bba7aaeb36ff6280047930322136d3c258ad2a1d588e60514728eeae9
Analyzer Verdict Alert quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 06:50:26 GMT
content-type: text/javascript; charset=utf-8
content-length: 22984
content-encoding: br
x-trace-id: 26f7a8166758ffbea9f5000eb21a4d1e
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Tue, 13 Sep 2022 08:59:22 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
vu.cantateremiss.com/r7NAlctF6MTbGeBW/49122
142.91.159.108200 OK 25 B URL HTTP/1.1 vu.cantateremiss.com/r7NAlctF6MTbGeBW/49122
IP 142.91.159.108:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /r7NAlctF6MTbGeBW/49122 HTTP/1.1
Host: vu.cantateremiss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 14 Sep 2022 06:50:26 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dramacool.sr
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Thu, 15-Sep-2022 06:50:26 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Thu, 15-Sep-2022 06:50:26 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
push.services.mozilla.com/
52.13.69.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.69.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qlQCoaG3Y6c4/fQnvXaDOg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: McvQva5+JzX+Bh3bOgq+IZFhSio=
dramacool-ukph88jvsw.disqus.com/count.js
151.101.84.134200 OK 1.1 kB URL HTTP/1.1 dramacool-ukph88jvsw.disqus.com/count.js
IP 151.101.84.134:0
Hash fbd048ab12c7b8490b02dd3be88ee28e
5143cbde8f9575a2560298891f0bed70e2489ec9
d7250ce81200864427699870c6b825aa0f39926d7c56873405d8584571423aa3
GET /count.js HTTP/1.1
Host: dramacool-ukph88jvsw.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 871
Content-Type: application/javascript; charset=utf-8
Server: nginx
Last-Modified: Thu, 08 Sep 2022 14:04:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
ETag: "6319f674-367"
X-Amz-Cf-Pop: DFW56-P4
X-Amz-Cf-Id: nj4p440ZzL6idC1j5VuSJ7I4-5QjacYe9i7syxVzpLi5anNLYVmAtA==
Cache-Control: public, max-age=300
Date: Wed, 14 Sep 2022 06:50:26 GMT
Age: 167
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
www.google-analytics.com/analytics.js
142.250.74.174200 OK 54 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
Hash fd3ad69b852152413cdf2e935c6c3656
18f0a8260b7cfa6a4ee89687ed4720a684156c44
77a50c08aa09d243b4a4303690b26f740732120174d3074d5e828b73dfd28ec2
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 14 Sep 2022 06:41:12 GMT
expires: Wed, 14 Sep 2022 08:41:12 GMT
cache-control: public, max-age=7200
age: 554
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 89dc4294d8e50675a5cb111e84d38452
993b0be337e43de62b8a33bef20c972881c8a646
27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 89dc4294d8e50675a5cb111e84d38452
993b0be337e43de62b8a33bef20c972881c8a646
27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dramacool.bet/ic-new.svg
104.21.94.122200 OK 956 B IP 104.21.94.122:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (851), with CRLF line terminators
Hash eed6fa5fb9052a1650f7ff86019cbc85
c00bf55663a35dc514b174e8420ead1652f6816d
b4906f8c377b5fdb9b34ebe989d4c6a3b839882f818fac2a981b3e67cfaf4a0c
GET /ic-new.svg HTTP/1.1
Host: dramacool.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 06:50:26 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 18 Jul 2022 18:27:36 GMT
expires: Thu, 29 Sep 2022 14:09:07 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 3861679
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YOFauZ%2Bg6zdaiFa6n6XYocGOrWrCczxVGSyh1yUeeQ%2FQVeIHCz17Dq0e6bw3X7%2FX71dtWUabUibk8Ou44EIN%2F4ppY8qwP92XiaQuiQdysxFatk38YL7ERtFyvwn9IeF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a73038ae98b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8153444726766124
142.250.74.66200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8153444726766124
IP 142.250.74.66:0
File type ASCII text, with very long lines (2903)
Hash f415e3a5bd33664fed42ef95f28d83a3
35ae141dc24171acfa05946a751c0df0b93acc2b
b23d60e45223cc3faed36fa57c39385e8961f04521ba86d63323951e88a74582
GET /pagead/js/adsbygoogle.js?client=ca-pub-8153444726766124 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dramacool.sr
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Wed, 14 Sep 2022 06:50:26 GMT
expires: Wed, 14 Sep 2022 06:50:26 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3898943825149805971
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57940
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dramacool.bet/ic-upcoming.svg
104.21.94.122200 OK 59 kB URL HTTP/2 dramacool.bet/ic-upcoming.svg
IP 104.21.94.122:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1548), with no line terminators
Hash 784b7d69fdc34d877d73b3f23a397ad2
61eaa3132c75561a40c2e8af2e4eb6d3243153f3
b386bb293684feb85d69da01835546055760d5639edb8b07e19724872547f0c0
GET /ic-upcoming.svg HTTP/1.1
Host: dramacool.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 06:50:26 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 18 Jul 2022 18:25:47 GMT
expires: Thu, 29 Sep 2022 14:09:07 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 3861679
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13S8vJ%2BXSNpLnlwLocZdeesD05fe0kSB57TuFjYn2h%2B%2BUShBYYUjisngEx%2BGSMFO9jJYsBnwb0WTMscQvpwEuwaQyzGOhRhy1Joahsz8GCmOxZwhLsW%2BmKNWbqJOmftv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a73038ae94b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 89dc4294d8e50675a5cb111e84d38452
993b0be337e43de62b8a33bef20c972881c8a646
27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/gid.js?userId=e1e667d2dccd436792e6274ab0009a03
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=e1e667d2dccd436792e6274ab0009a03
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7eae610a5bb664a8a886206a75966fbe
de74dfc61b96726dec0543134a06d67d096e7ae0
9a94a76140b587d38b527a0615274c0b70d61492baeb69da6050eca3c0a4db79
GET /gid.js?userId=e1e667d2dccd436792e6274ab0009a03 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dramacool.sr
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 06:50:26 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://dramacool.sr
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e1e667d2dccd436792e6274ab0009a03; expires=Thu, 14 Sep 2023 06:50:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
216.58.207.194200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 09a8bd805dba1307ae0bd76a0c9ca73d
bdc16e7610abae944da47ff3a0e5fea818241fb0
e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
GET /pagead/html/r20220912/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:15:25 GMT
expires: Wed, 28 Sep 2022 05:15:25 GMT
cache-control: public, max-age=1209600
age: 5701
etag: 8616628553774171045
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dramacool-ukph88jvsw.disqus.com/count-data.js?2=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022
151.101.84.134200 OK 289 B URL HTTP/1.1 dramacool-ukph88jvsw.disqus.com/count-data.js?2=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022
IP 151.101.84.134:0
Hash 4c74859098309f6e4edc5b9da26235e2
2d41009fbd6b488404e22ab7e5ef7d806de37574
89f36628e38878fbed2914f06b2f3db074e81f705905b4d96269bd0e54e36209
GET /count-data.js?2=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022 HTTP/1.1
Host: dramacool-ukph88jvsw.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 289
Server: nginx
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=600
Date: Wed, 14 Sep 2022 06:50:26 GMT
Age: 25
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9a0fdf7fe7701be1f41b47ea2487c60
bb64e1c07015d87cab0575d563311a0983426934
7fdc2d5cc0bd3374a477403e359b03f7b556df0c6a608a202f8e77b7f0a2cd1d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a44521d3957cdba57b0fc21915252110
e04f70e8f3271d219d22be1a0c54f7a047abdd55
aaca825919de7c1d549ae107d482a8ac35cf518c1141ef3054018267a26067bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=dramacool.sr&callback=_gfp_s_&client=ca-pub-8153444726766124
172.217.21.162200 OK 199 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=dramacool.sr&callback=_gfp_s_&client=ca-pub-8153444726766124
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 70bd4f73b9e472b07066419dcb859a17
a5a10199bbd0d7f9f11bc3c492a82156103535f1
09dead183f8d7f51f252cfd82765c3eff41b135d36610b130f747de0f4da6e35
GET /gampad/cookie.js?domain=dramacool.sr&callback=_gfp_s_&client=ca-pub-8153444726766124 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 14 Sep 2022 06:50:26 GMT
server: cafe
cache-control: private
content-length: 199
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=dramacool.sr
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dramacool.sr
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dramacool.sr HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 14 Sep 2022 06:50:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=dramacool.sr
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=dramacool.sr
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dramacool.sr HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 14 Sep 2022 06:50:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9a0fdf7fe7701be1f41b47ea2487c60
bb64e1c07015d87cab0575d563311a0983426934
7fdc2d5cc0bd3374a477403e359b03f7b556df0c6a608a202f8e77b7f0a2cd1d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a44521d3957cdba57b0fc21915252110
e04f70e8f3271d219d22be1a0c54f7a047abdd55
aaca825919de7c1d549ae107d482a8ac35cf518c1141ef3054018267a26067bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dramacool-ukph88jvsw.disqus.com/count.js?
151.101.84.134200 OK 871 B URL HTTP/1.1 dramacool-ukph88jvsw.disqus.com/count.js?
IP 151.101.84.134:0
File type ASCII text, with very long lines (528)
Hash a487039f9b553cb4f6928743872234e9
b3d835075d1983a8c2fe716285d173fcc3708f9c
364f622ba24e063adcee84f132da53c6e6071745f04a00d10937663deb24b822
GET /count.js? HTTP/1.1
Host: dramacool-ukph88jvsw.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 871
Content-Type: application/javascript; charset=utf-8
Server: nginx
Last-Modified: Thu, 08 Sep 2022 14:04:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
ETag: "6319f674-367"
X-Amz-Cf-Pop: DFW56-P4
X-Amz-Cf-Id: nj4p440ZzL6idC1j5VuSJ7I4-5QjacYe9i7syxVzpLi5anNLYVmAtA==
Cache-Control: public, max-age=300
Date: Wed, 14 Sep 2022 06:50:26 GMT
Age: 167
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
region1.google-analytics.com/g/collect?v=2&tid=G-K66MQMMZ99>m=2oe9c0&_p=2038857075&cid=1700445439.1663138213&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663138212&sct=1&seg=0&dl=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022&dt=Watch%20Maid%27s%20Revenge%20(2022)%20Chinese%20Drama%20English%20Sub%20Episodes%20at...&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-K66MQMMZ99>m=2oe9c0&_p=2038857075&cid=1700445439.1663138213&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663138212&sct=1&seg=0&dl=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022&dt=Watch%20Maid%27s%20Revenge%20(2022)%20Chinese%20Drama%20English%20Sub%20Episodes%20at...&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-K66MQMMZ99>m=2oe9c0&_p=2038857075&cid=1700445439.1663138213&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663138212&sct=1&seg=0&dl=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022&dt=Watch%20Maid%27s%20Revenge%20(2022)%20Chinese%20Drama%20English%20Sub%20Episodes%20at...&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dramacool.sr
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://dramacool.sr
date: Wed, 14 Sep 2022 06:50:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b83eeef1819083d0f8d52290b58abdef
7f5d00f725bed6d26c8ba00628adafc8f43c0c93
cca1c281e84e9694db182f17cd47d5782d602bf36e2f4902ce7612f2c5d74bd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 14 Sep 2022 06:50:27 GMT
expires: Wed, 14 Sep 2022 06:50:27 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dramacool-ukph88jvsw.disqus.com/embed.js
151.101.84.134200 OK 25 kB URL HTTP/1.1 dramacool-ukph88jvsw.disqus.com/embed.js
IP 151.101.84.134:0
File type ASCII text, with very long lines (32091)
Hash baa2233fdbdb89208831f0841129156a
98b765a9b6efd56e851adbf37a08003e67d1bfd7
e809e149e13d0b90f37cf5a06772f239e19e9cc54d1de2f8bc1ca29ff5f39e47
GET /embed.js HTTP/1.1
Host: dramacool-ukph88jvsw.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25375
Server: openresty
Content-Type: application/javascript; charset=utf-8
X-Service: router
Content-Encoding: gzip
Date: Wed, 14 Sep 2022 06:50:27 GMT
Age: 0
Vary: Accept-Encoding
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 12:27:00 GMT
expires: Wed, 13 Sep 2023 12:27:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 66207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 78f8bae58862d8be3437cfe9e927011d
fb01a9cfd346f2c9b7694276c72a76e213887b06
389d233aa4b3ea23315c9d6e8d72d96fb2f802e227d24199c788a5a89e96a19e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:50:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 819e259f65e6532ed9d3e4e6dd9bfd75
7d7f9d1deb4c0cec2018429d03685e9aa01edf9c
b2aa0ceeb20355113e57748fbedaac4f881be3bf41bfe768af6da607060031c3
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 14 Sep 2022 06:50:27 GMT
date: Wed, 14 Sep 2022 06:50:27 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-kQGkydYCPWzXp3NQv52yjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
disqus.com/embed/comments/?base=default&f=dramacool-ukph88jvsw&t_u=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022&t_d=Watch%20Maid%27s%20Revenge%20(2022)%20Chinese%20Drama%20English%20Sub%20Episodes%20at...&t_t=Watch%20Maid%27s%20Revenge%20(2022)%20Chinese%20Drama%20English%20Sub%20Episodes%20at...&s_o=default
151.101.192.134200 OK 2.7 kB URL HTTP/1.1 disqus.com/embed/comments/?base=default&f=dramacool-ukph88jvsw&t_u=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022&t_d=Watch%20Maid%27s%20Revenge%20(2022)%20Chinese%20Drama%20English%20Sub%20Episodes%20at...&t_t=Watch%20Maid%27s%20Revenge%20(2022)%20Chinese%20Drama%20English%20Sub%20Episodes%20at...&s_o=default
IP 151.101.192.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2730)
Hash 8a3b5b7a2454e8394370a1bcc9021d99
77f48fa1c4a3832620c6289b50dcd80297d9e019
6d1530afdb7b116b5b55d002f3b7b9872b460bfa8e242b335715d953de68f0f3
GET /embed/comments/?base=default&f=dramacool-ukph88jvsw&t_u=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022&t_d=Watch%20Maid%27s%20Revenge%20(2022)%20Chinese%20Drama%20English%20Sub%20Episodes%20at...&t_t=Watch%20Maid%27s%20Revenge%20(2022)%20Chinese%20Drama%20English%20Sub%20Episodes%20at...&s_o=default HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2687
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Sat, 10 Sep 2022 03:42:41 GMT
ETag: W/"lounge:view:9346695597.d85602554f3f0c24799ab6b1423033fb.2"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
Date: Wed, 14 Sep 2022 06:50:27 GMT
Age: 2
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
c.disquscdn.com/next/embed/lounge.load.11e4d4419036ee9a10f4fa6b46721633.js
143.204.55.72200 OK 495 B URL HTTP/2 c.disquscdn.com/next/embed/lounge.load.11e4d4419036ee9a10f4fa6b46721633.js
IP 143.204.55.72:0
File type ASCII text, with very long lines (958), with no line terminators
Hash 64d31c78ba756456d69bdb54e6860b8e
5ce3de41f4cc04435b0b2e085ac408862c12a466
c86c0bc6b75532ab48f900337724348591e4015ce307d1949e52f101afd2226b
GET /next/embed/lounge.load.11e4d4419036ee9a10f4fa6b46721633.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 495
date: Mon, 12 Sep 2022 19:34:10 GMT
server: nginx
last-modified: Mon, 12 Sep 2022 19:13:42 GMT
etag: "631f84e6-1ef"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 12 Sep 2023 19:34:10 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3iEKz9P94hPg11lGTdhH59SW3bwcBzKHewIOl5sGwee-c4t6UMb8ZQ==
age: 126977
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
143.204.55.72200 OK 95 kB URL HTTP/2 c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
IP 143.204.55.72:0
File type ASCII text, with very long lines (32023)
Hash 7b99df04cc3984222b4f02f738de9fa4
f3eefe01e2f39579ceaca4927de1177711e01544
c64b6a193db830888df222e8c3d1d0c964cb9700e2ed62796e02dbe49a39d8ec
GET /next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 94755
date: Mon, 25 Jul 2022 05:21:29 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
etag: "62da91ee-17223"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FogqHwL25fQnG417MUoWGsWVIHBVpz0SrpMObOzWKcp_hw0wSGHbRw==
age: 4411738
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css
143.204.55.72200 OK 26 kB URL HTTP/2 c.disquscdn.com/next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css
IP 143.204.55.72:0
File type ASCII text, with very long lines (65469)
Hash 4ce72b6a8aa2f41bee77d2e9368008a3
5bcae35b33d95af653f83d0435bfb8b590a06254
4fbb9394a919e5b087e3d63b77781758489f02be847eb899e977518576a906cb
GET /next/embed/styles/lounge.9772024640e1cec8d973cd80fb62abd8.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 26136
date: Mon, 12 Sep 2022 19:34:09 GMT
server: nginx
last-modified: Mon, 12 Sep 2022 19:13:42 GMT
etag: "631f84e6-6618"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 12 Sep 2023 19:34:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vOBesBo7gXFRtW4GZfH1IaM73r3I1V8wDE-mNJptSJCLkPmAk2G5wQ==
age: 126978
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/lounge.bundle.29e6af40821697bba1cb55aca8ebe0da.js
143.204.55.72200 OK 124 kB URL HTTP/2 c.disquscdn.com/next/embed/lounge.bundle.29e6af40821697bba1cb55aca8ebe0da.js
IP 143.204.55.72:0
File type ASCII text, with very long lines (32035)
Size 124 kB (124008 bytes)
Hash c2be67ea36262afa1d757cce4842b658
a18b815d368d6b9d16836aa3e51fcebf10e74f42
93d5b2c272e433fe2f9128218e4b55babd694f884fd4ab59f88aa15e754dd41f
GET /next/embed/lounge.bundle.29e6af40821697bba1cb55aca8ebe0da.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 124008
date: Mon, 12 Sep 2022 19:34:09 GMT
server: nginx
last-modified: Mon, 12 Sep 2022 19:13:42 GMT
etag: "631f84e6-1e468"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 12 Sep 2023 19:34:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pRstwfTPcc9u1YIO_G4eJkCjc-Wrq3JV6xyEcTJU7u6JF2WdDJd6Wg==
age: 126978
X-Firefox-Spdy: h2
disqus.com/next/config.js
151.101.192.134200 OK 16 kB URL HTTP/1.1 disqus.com/next/config.js
IP 151.101.192.134:0
File type ASCII text, with very long lines (16127), with no line terminators
Hash 78165d31560c2bf4064ae71dafff3993
69ce30957f04e499b2335677864aefbdd59f84da
75408f16c4d5d7fc6a5e2efa1968549638331d1eb0552dd6437b8999062f7f9e
GET /next/config.js HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 16127
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Wed, 14 Sep 2022 06:50:27 GMT
Age: 5
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
disqus.com/api/3.0/forums/details?forum=dramacool-ukph88jvsw&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
151.101.192.134200 OK 3.0 kB URL HTTP/1.1 disqus.com/api/3.0/forums/details?forum=dramacool-ukph88jvsw&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP 151.101.192.134:0
File type JSON data\012- , ASCII text, with very long lines (2992), with no line terminators
Hash 8ec71318ac69f075ae06e05638001706
34da3334908abeccceb11683026ef54ac5c2b05e
a011e3a03035f3ef32e0ca8c850a72f05f2b18f82f502651928f671fb821c4df
GET /api/3.0/forums/details?forum=dramacool-ukph88jvsw&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=dramacool-ukph88jvsw&t_u=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022&t_d=Watch%20Maid%27s%20Revenge%20(2022)%20Chinese%20Drama%20English%20Sub%20Episodes%20at...&t_t=Watch%20Maid%27s%20Revenge%20(2022)%20Chinese%20Drama%20English%20Sub%20Episodes%20at...&s_o=default
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2992
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Wed, 14 Sep 2022 06:50:27 GMT
Age: 85
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
143.204.55.72200 OK 27 kB URL HTTP/2 c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
IP 143.204.55.72:0
File type ASCII text, with very long lines (32024)
Hash 0c2785ae737e4a3a6baf270c42954aaa
ba03fa7243d6e4f184c3f2f05f733f5f40b96cc3
75310b8dcb511e824684c40202fb6edb67136e7b747e2d42c71a628bce42c2f2
GET /next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 26578
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
etag: "62da91ee-67d2"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oQRsC9w44uZeEeraFi91NOPArEK8s3HRoU-jXRGeHe0totEXRfU_cg==
age: 4411737
X-Firefox-Spdy: h2
a.disquscdn.com/1662551939/images/noavatar92.png
151.101.86.49200 OK 1.6 kB URL HTTP/2 a.disquscdn.com/1662551939/images/noavatar92.png
IP 151.101.86.49:0
File type PNG image data, 92 x 92, 8-bit/color RGB, non-interlaced\012- data
Hash 675fb4b91ca717db030507f2d84bcfdf
c8728df74487f907230358a1b08ae1a1b25f9ed4
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
GET /1662551939/images/noavatar92.png HTTP/1.1
Host: a.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
server: nginx
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
etag: "60395f01-66c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 07 Oct 2022 13:56:43 GMT
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: cUjg1ejmQDWQIYSimcrbNQ-6NEjy5e1a3J52uQtVneGHQHbkKr0zfw==
date: Wed, 14 Sep 2022 06:50:27 GMT
age: 579224
strict-transport-security: max-age=300; includeSubdomains
content-length: 1644
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13541
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 06:50:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13541
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 06:50:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13541
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 06:50:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13541
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 06:50:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13541
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 06:50:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7be52d818b206e064541ef4f4b0786b
7674123112859fd79ee9214c5308ad6a5e4ed015
bb011cf1e3c97c42f22c0553b64c23f120fa52d4bc7b56b5bde5678226aff0ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16980
x-amzn-requestid: f6211d45-1e26-49a6-8c46-412d8714501c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIvUHPwoAMFzFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87fb-00d053687671af6214ea6ba9;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:02:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1ZhWlfWQgEMpTF4Nrnc3RTN71UZICYJTNpVNUvEsurjMDp2e8mta4Q==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 00:10:59 GMT
age: 23968
etag: "7674123112859fd79ee9214c5308ad6a5e4ed015"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0789404fdbe3613d465d8fa89a63d7b8
0617d2e513097ca415a1d07cd39b1cb64d832ecf
80e55e383f354113c3694bbcc00fd1c544a97079bd3c462f1b90e952c0634bac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10138
x-amzn-requestid: bdf798d9-6729-4363-a900-f32c4041d0c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsGZ-oAMFQ1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-7b146c0620a83d5c00446f87;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM9K72ukk0cuyR1ZcV5xWXnEd8U9OgeQi7bkCe0Pzn3BfdLMvSdSXg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 03:02:44 GMT
age: 13663
etag: "0617d2e513097ca415a1d07cd39b1cb64d832ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5befd5bb8e6d5dad2465be69d5a33e4
e5b46c3ca439a09950290cada1af5e27cede10f2
4dc0a3373fb4c1830c4e2420dddbcbe8dceecf10e969cbe8d02368e41207832c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5988
x-amzn-requestid: a0d81c7a-14e3-443d-8fb7-19241f06d3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yaux0H77IAMF2_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f80b-0fe6fbbe75e891b925f88dc2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1X79jBMZa4UQmWsLdg_QIg5MQeersp1O3iSgpKd6R2f8Kl7PAJh0hQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:49:32 GMT
etag: "e5b46c3ca439a09950290cada1af5e27cede10f2"
content-type: image/jpeg
age: 32455
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c86775f-a6ef-49b2-85ad-4272db5b9f42.webp
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c86775f-a6ef-49b2-85ad-4272db5b9f42.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 80786e640acccfa61ef2aaa27a2a95fa
94663318844e6567f2d160d620eb9ed777fba2a3
686348c1aa038c5109c39c3491524a98bcfc5b1559568391ba7fb240a285a064
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c86775f-a6ef-49b2-85ad-4272db5b9f42.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9467
x-amzn-requestid: d14b460e-2aa5-41c8-9a8b-4da671156014
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv3HJJoAMFWgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7fe-0643dea6458034ab51d840d5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rVAqQoiN5d1Ph-lVvB7luXmG0zQJuvLi8I_B-xGbJjLkyyAid6rktw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:45:09 GMT
age: 32718
etag: "94663318844e6567f2d160d620eb9ed777fba2a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F660a99ba-8fb8-48d5-9b57-24bf119b1397.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F660a99ba-8fb8-48d5-9b57-24bf119b1397.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4d699a7d242c123b1f4912f4c534b87
42a6d9d5b99f94166f6ffbcfe510d19da97f3105
5b631de5a0c94dcd5a943a5be7f990ba7e9174449a9f732ef2448fb590e1b3d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F660a99ba-8fb8-48d5-9b57-24bf119b1397.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8164
x-amzn-requestid: 1c9b16e9-7ba7-45a9-842d-151e70aaf48f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YauxUG3XIAMFbCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f808-0c82bf512f8464187a9994fa;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: m2Wi-Ma_XppIdxDZcottTKm0wb7Y9kpvE3dMnQaesiQ-024MTIClKw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:45:11 GMT
age: 32716
etag: "42a6d9d5b99f94166f6ffbcfe510d19da97f3105"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.viglink.com/images/pixel.gif?ch=1&rn=9.721098045685773
104.16.161.13200 OK 43 B URL HTTP/2 cdn.viglink.com/images/pixel.gif?ch=1&rn=9.721098045685773
IP 104.16.161.13:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=1&rn=9.721098045685773 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 06:50:27 GMT
content-type: image/gif
content-length: 43
x-amz-id-2: 9/IvErEY22tX4ULfeOpcwqHi8mHdiTNKhfXoUKN0roNG9pzTaiSmoLJTr0lztCcSl1VPXSGb0pg=
x-amz-request-id: D8NBHA8SGYQB6X08
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
etag: "221d8352905f2c38b3cb2bd191d630b0"
cache-control: max-age=15, must-revalidate
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a730441b76b527-OSL
X-Firefox-Spdy: h2
cdn.viglink.com/images/pixel.gif?ch=2&rn=9.721098045685773
104.16.161.13200 OK 43 B URL HTTP/2 cdn.viglink.com/images/pixel.gif?ch=2&rn=9.721098045685773
IP 104.16.161.13:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=2&rn=9.721098045685773 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 14 Sep 2022 06:50:27 GMT
content-type: image/gif
content-length: 43
x-amz-id-2: 9/IvErEY22tX4ULfeOpcwqHi8mHdiTNKhfXoUKN0roNG9pzTaiSmoLJTr0lztCcSl1VPXSGb0pg=
x-amz-request-id: D8NBHA8SGYQB6X08
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
etag: "221d8352905f2c38b3cb2bd191d630b0"
cache-control: max-age=15, must-revalidate
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a730441b77b527-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56811a1a20a467464e1f3da171ef8b14
366b2090d409d694b72b4b4131df46dd65d69c5a
4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yP22CSG5x3BVfq29UMdw30TZcvuaL-kUDgjBZDUEMpRVDWqlZrCgdQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:42:05 GMT
age: 32902
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
referrer.disqus.com/juggler/event.gif?abe=1&embed_hidden=1&load_time=221&event=init_embed&thread=9346695597&forum=dramacool-ukph88jvsw&forum_id=7315247&imp=2si85l11td6jou&thread_slug=watch_maids_revenge_2022_chinese_drama_english_sub_episodes_at_94&user_type=anon&referrer=https%3A%2F%2Fdramacool.sr%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
151.101.84.134200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/event.gif?abe=1&embed_hidden=1&load_time=221&event=init_embed&thread=9346695597&forum=dramacool-ukph88jvsw&forum_id=7315247&imp=2si85l11td6jou&thread_slug=watch_maids_revenge_2022_chinese_drama_english_sub_episodes_at_94&user_type=anon&referrer=https%3A%2F%2Fdramacool.sr%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
IP 151.101.84.134:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/event.gif?abe=1&embed_hidden=1&load_time=221&event=init_embed&thread=9346695597&forum=dramacool-ukph88jvsw&forum_id=7315247&imp=2si85l11td6jou&thread_slug=watch_maids_revenge_2022_chinese_drama_english_sub_episodes_at_94&user_type=anon&referrer=https%3A%2F%2Fdramacool.sr%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=dramacool-ukph88jvsw&t_u=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022&t_d=Watch%20Maid%27s%20Revenge%20(2022)%20Chinese%20Drama%20English%20Sub%20Episodes%20at...&t_t=Watch%20Maid%27s%20Revenge%20(2022)%20Chinese%20Drama%20English%20Sub%20Episodes%20at...&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Wed, 14 Sep 2022 06:50:27 GMT
Cross-Origin-Resource-Policy: cross-origin
links.services.disqus.com/api/ping
151.101.84.64200 OK 316 B URL HTTP/1.1 links.services.disqus.com/api/ping
IP 151.101.84.64:0
File type ASCII text, with very long lines (316), with no line terminators
Hash 8aa15957853f0cef33515e628f2a7788
e698e5ed22050f7dad8e727f04e2cde47e233867
c9b136d7d7b4f0daec22ad3b35adf0759912e682a65f087abbd01e090ce493fa
POST /api/ping HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 161
Origin: https://dramacool.sr
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 316
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dramacool.sr
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Wed, 14 Sep 2022 06:50:28 GMT
Set-Cookie: vglnk.Agent.p=928f24a8006d5922ba5339e425ccad6d; Expires=Thu, 14 Sep 2023 06:50:28 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Thu, 14 Sep 2023 06:50:28 GMT; path=/
links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
151.101.84.64200 OK 43 B URL HTTP/1.1 links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
IP 151.101.84.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Wed, 14 Sep 2022 06:50:28 GMT
Set-Cookie: vglnk.Agent.p=4b45635e220c7a49e762cf064f4ea52b; Expires=Thu, 14 Sep 2023 06:50:28 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Thu, 14 Sep 2023 06:50:28 GMT; path=/
links.services.disqus.com/api/domains
151.101.84.64200 OK 41 B URL HTTP/1.1 links.services.disqus.com/api/domains
IP 151.101.84.64:0
File type ASCII text, with no line terminators
Hash 4279245a47a2fa0b72eee199c69b08c4
4d6ff980fdc488e8278f94cdc391943aa827e98a
3d3fac966237d0b02c331a9beb8fa7d0910475bdf303462124999d7f065fb75d
POST /api/domains HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 219
Origin: https://dramacool.sr
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 41
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dramacool.sr
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Wed, 14 Sep 2022 06:50:28 GMT
Set-Cookie: vglnk.Agent.p=e1213d83e83ab02e770347ce0de730c3; Expires=Thu, 14 Sep 2023 06:50:28 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Thu, 14 Sep 2023 06:50:28 GMT; path=/
dramacool.sr/drama-detail/maids-revenge-2022
172.67.158.198200 OK 0 B URL HTTP/2 dramacool.sr/drama-detail/maids-revenge-2022
IP 172.67.158.198:0
GET /drama-detail/maids-revenge-2022 HTTP/1.1
Host: dramacool.sr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 14 Sep 2022 06:50:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IlBLYlhFOWJQL0s5MGhhWlVnd1NvMlE9PSIsInZhbHVlIjoiRUlYb1VYdUNFakdyZE9TTVhGMzlVclRld0NxMG9RRFF4c1ZML0h5Ty8ySitVckJOQVJVRXJEYklyVUtyQ21FamMrTVNSK0tYaEF4Sm1pbDlZS2tBNUtDcmtWUTJOMWplZW9CVVh3OHFMMS80YmRhQ3ZkeWRZRGRpWHZsV3ZXcTUiLCJtYWMiOiIxNDY0NmIwMmUxNjE4Y2U5MzQ1MDA3MDljNGI1N2JiMGYxNzVmODljZTBkNDBiYTYwMjAyNDA5MjBhODc2NjgyIiwidGFnIjoiIn0%3D; expires=Wed, 14-Sep-2022 08:50:25 GMT; Max-Age=7200; path=/; samesite=lax
dramacool_session=eyJpdiI6ImFlYzBJWG0zazljdnRGSWZaSUF3MkE9PSIsInZhbHVlIjoidTNlRTJmRGcra0paWTRYN0crdXpyaWprRVBsZkIwWG9tVzdvSjVEZG0vS1JmOHQ5SGVhTlRDeG4xeWlpMG0xQnhwdXJ1elcydnArb0VJQXZkUFN2OUZ0MWV6aWFyRkpvYjY5YnQ2VjU4cGlLNURNR2hVcXcxSGhUQjJjQ2dIbW0iLCJtYWMiOiIwM2Y3OGFlNTUxZDA2Y2NlNjY0ZmY5OTBmZTlhMjk0ZTE5NjBiMWFiODU2ZjE4ZTc3N2ViZGI3NDRkMzhkZmNhIiwidGFnIjoiIn0%3D; expires=Wed, 14-Sep-2022 08:50:25 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bo9KXeis9UdXmnxwKb8P14h51nRC31ss1XdMG%2FWAXd33F6Jv4gfK5XKfpd2xCjunfYhXL6uKV10jIcIY%2BGSb6oqs%2BTlmJzj%2BO%2FQlvnftOsAj5XeZ9awXGX1VNgFBUs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a7303449d50afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
grunoaph.net/?rb=g827647s_nbY4YY3NWsff90W14qBOoe_2e4quLrj-xlodScidtxhi3yp5Vc2Im6kSydx6L0WHdnv7sbWCLJD6PNZjAI18UpZXq-6Up9DqNhVEWcCnTEreUHMydmHIpkIMcfTRB5A4Adv8bT92-mEYQ9GQzAK0hSCRYfNW-u3gbK-oyYdUTf89NFCknaD4dFs1_Vb4jQIGLRYcSC9Pil9hQ%3D%3D&request_ab2=0&zoneid=5360946&js_build=iclick-v1.426.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.426.0&bs=88bdd86e-7e63-4889-9ad3-b8568eaf9ea3&userId=e1e667d2dccd436792e6274ab0009a03&m=link
139.45.197.238200 OK 0 B URL HTTP/2 grunoaph.net/?rb=g827647s_nbY4YY3NWsff90W14qBOoe_2e4quLrj-xlodScidtxhi3yp5Vc2Im6kSydx6L0WHdnv7sbWCLJD6PNZjAI18UpZXq-6Up9DqNhVEWcCnTEreUHMydmHIpkIMcfTRB5A4Adv8bT92-mEYQ9GQzAK0hSCRYfNW-u3gbK-oyYdUTf89NFCknaD4dFs1_Vb4jQIGLRYcSC9Pil9hQ%3D%3D&request_ab2=0&zoneid=5360946&js_build=iclick-v1.426.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.426.0&bs=88bdd86e-7e63-4889-9ad3-b8568eaf9ea3&userId=e1e667d2dccd436792e6274ab0009a03&m=link
IP 139.45.197.238:0
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=g827647s_nbY4YY3NWsff90W14qBOoe_2e4quLrj-xlodScidtxhi3yp5Vc2Im6kSydx6L0WHdnv7sbWCLJD6PNZjAI18UpZXq-6Up9DqNhVEWcCnTEreUHMydmHIpkIMcfTRB5A4Adv8bT92-mEYQ9GQzAK0hSCRYfNW-u3gbK-oyYdUTf89NFCknaD4dFs1_Vb4jQIGLRYcSC9Pil9hQ%3D%3D&request_ab2=0&zoneid=5360946&js_build=iclick-v1.426.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fdramacool.sr%2Fdrama-detail%2Fmaids-revenge-2022&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.426.0&bs=88bdd86e-7e63-4889-9ad3-b8568eaf9ea3&userId=e1e667d2dccd436792e6274ab0009a03&m=link HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dramacool.sr/
Origin: https://dramacool.sr
Connection: keep-alive
Cookie: OAID=e1e667d2dccd436792e6274ab0009a03; oaidts=1663138226
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 06:50:26 GMT
content-type: application/json
x-trace-id: ba0483b4a7c0de616705e66b0745aa87
access-control-allow-origin: https://dramacool.sr
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=e1e667d2dccd436792e6274ab0009a03; expires=Thu, 14 Sep 2023 06:50:26 GMT; path=/; secure; SameSite=None
oaidts=1663138226; expires=Thu, 14 Sep 2023 06:50:26 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 21 Sep 2022 06:50:26 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
grunoaph.net/5/5360946/?oo=1&aab=1
139.45.197.238200 OK 0 B URL HTTP/2 grunoaph.net/5/5360946/?oo=1&aab=1
IP 139.45.197.238:0
Analyzer Verdict Alert quad9 Sinkholed
GET /5/5360946/?oo=1&aab=1 HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dramacool.sr
Connection: keep-alive
Referer: https://dramacool.sr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 06:50:26 GMT
content-type: application/json
x-trace-id: 6ca8cb18426233c795961ed6ed8182c8
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://dramacool.sr
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=e1e667d2dccd436792e6274ab0009a03; expires=Thu, 14 Sep 2023 06:50:26 GMT; path=/; secure; SameSite=None
oaidts=1663138226; expires=Thu, 14 Sep 2023 06:50:26 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2