urlscan.io logo urlscan.io
SecurityTrails logo

dramacool9.co Open in urlscan Pro
2606:4700:3033::681b:94e0  Public Scan

Go To Rescan Add Verdict Report
URL: http://dramacool9.co/?s=jewel+in+the+palace
Submission: On April 01 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 7 countries across 13 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3033::681b:94e0, located in United States and belongs to CLOUDFLARENET, US. The main domain is dramacool9.co.
This is the only time dramacool9.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
8 18 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 213.32.115.24 16276 (OVH)
2 103.90.220.251 135905 (VNPT-AS-V...)
2 104.22.52.65 13335 (CLOUDFLAR...)
1 81.177.141.171 8342 (RTCOMM-AS)
3 2a00:1450:400... 15169 (GOOGLE)
4 51.75.172.218 16276 (OVH)
1 10 104.19.136.78 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.19.137.80 13335 (CLOUDFLAR...)
1 2.16.186.80 20940 (AKAMAI-ASN1)
1 2 2.16.31.65 16625 (AKAMAI-AS)
2 2 52.49.13.31 16509 (AMAZON-02)
43 15
1    2606:4700:3033::681b:94e0 (United States)

ASN13335 (CLOUDFLARENET, US)
dramacool9.co
18    2606:4700:3036::681b:95e0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.dramacool9.co
2    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    213.32.115.24 (France)

ASN16276 (OVH, FR)
PTR: ip24.ip-213-32-115.eu
idspatchi.com
2    103.90.220.251 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
syndi.adxpub.com
serv.adxpub.com
2    104.22.52.65 (United States)

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
1    81.177.141.171 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
PTR: srv125-h-st.jino.ru
ga-analytics.com
3    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    51.75.172.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-51-75-172.eu
hoemasfat.site
10    104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
c.mgid.com
2    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    104.19.137.80 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.steepto.com
1    2.16.186.80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com
b.scorecardresearch.com
2    2.16.31.65 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-31-65.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
2    52.49.13.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-13-31.eu-west-1.compute.amazonaws.com
match.adsrvr.org
Domain Requested by
18 www.dramacool9.co 8 redirects dramacool9.co
4 hoemasfat.site idspatchi.com
dramacool9.co
3 s-img.mgid.com
3 www.google-analytics.com www.googletagmanager.com
dramacool9.co
2 match.adsrvr.org 2 redirects
2 sb.scorecardresearch.com 1 redirects
2 cm.steepto.com jsc.mgid.com
2 fonts.gstatic.com dramacool9.co
jsc.mgid.com
2 cdn.mgid.com dramacool9.co
jsc.mgid.com
2 jsc.mgid.com 1 redirects dramacool9.co
2 www.googletagmanager.com dramacool9.co
1 c.mgid.com
1 cm.mgid.com
1 b.scorecardresearch.com jsc.mgid.com
1 servicer.mgid.com jsc.mgid.com
1 serv.adxpub.com syndi.adxpub.com
1 c.statcounter.com www.statcounter.com
1 ga-analytics.com dramacool9.co
1 www.statcounter.com dramacool9.co
1 syndi.adxpub.com dramacool9.co
1 idspatchi.com dramacool9.co
1 dramacool9.co
43 22

This site contains links to these domains. Also see Links.

Domain
www.dramacool9.co
wordpress.org
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-09-12 -
2020-09-11		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.adxpub.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-15 -
2020-10-14		 a year crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-22 -
2020-10-29		 a year crt.sh
hoemasfat.site
Let's Encrypt Authority X3		 2020-03-03 -
2020-06-01		 3 months crt.sh
ssl382684.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-11-07 -
2020-05-15		 6 months crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
ssl382690.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-11-07 -
2020-05-15		 6 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2019-12-16 -
2020-12-25		 a year crt.sh

This page contains 3 frames:

Primary Page: http://dramacool9.co/?s=jewel+in+the+palace
Frame ID: F414E07CE29FA18A16954B6CBF367D28
Requests: 28 HTTP requests in this frame

Frame: https://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js
Frame ID: 139A680EF77BA847E030939C303D9D07
Requests: 15 HTTP requests in this frame

Frame: https://cm.steepto.com/i-noref.js?cbuster=1585705581749332651962
Frame ID: B8392C5319E36B55440ABBB2E137800F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

43
Requests

86 %
HTTPS

33 %
IPv6

13
Domains

22
Subdomains

15
IPs

7
Countries

303 kB
Transfer

693 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://www.dramacool9.co/wp-content/plugins/very-simple-contact-form/css/vscf-style.min.css?ver=4.9.13 HTTP 301
  • https://www.dramacool9.co/wp-content/plugins/very-simple-contact-form/css/vscf-style.min.css?ver=4.9.13
Request Chain 2
  • http://www.dramacool9.co/wp-content/themes/dramacool9/fonts/simple-line-icons.min.css?ver=2.3.3 HTTP 301
  • https://www.dramacool9.co/wp-content/themes/dramacool9/fonts/simple-line-icons.min.css?ver=2.3.3
Request Chain 3
  • http://www.dramacool9.co/wp-content/themes/dramacool9/style.css?ver=4.9.13 HTTP 301
  • https://www.dramacool9.co/wp-content/themes/dramacool9/style.css?ver=4.9.13
Request Chain 4
  • http://www.dramacool9.co/js/jquery-3.1.1.min.js?ver=3.1.1 HTTP 301
  • https://www.dramacool9.co/js/jquery-3.1.1.min.js?ver=3.1.1
Request Chain 7
  • http://www.dramacool9.co/wp-content/themes/dramacool9/images/logo.jpg HTTP 301
  • https://www.dramacool9.co/wp-content/themes/dramacool9/images/logo.jpg
Request Chain 8
  • http://www.dramacool9.co/wp-content/themes/dramacool9/images/logo-mobile.png HTTP 301
  • https://www.dramacool9.co/wp-content/themes/dramacool9/images/logo-mobile.png
Request Chain 9
  • http://www.dramacool9.co/wp-content/uploads/2018/12/Jewel-in-the-Palace-180x220.jpg HTTP 301
  • https://www.dramacool9.co/wp-content/uploads/2018/12/Jewel-in-the-Palace-180x220.jpg
Request Chain 12
  • http://www.dramacool9.co/wp-content/themes/dramacool9/js/main.js?ver=20171003 HTTP 301
  • https://www.dramacool9.co/wp-content/themes/dramacool9/js/main.js?ver=20171003
Request Chain 27
  • http://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js HTTP 301
  • https://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js
Request Chain 40
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1585705581807&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace&c9=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1585705581807&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace&c9=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace
Request Chain 41
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=5c590a72-64fc-445d-b45e-fa52f8381ac8&ttl=1588297582

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
dramacool9.co/ 		21 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://dramacool9.co/?s=jewel+in+the+palace
Protocol
HTTP/1.1
Server
2606:4700:3033::681b:94e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c826225c7a04f3cc786a7fd5f2704013ce71b8b4dca4e13793427507c2fd7016

Request headers

Host
dramacool9.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 01 Apr 2020 01:46:19 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dc01145168775b9fd5a845105a0572de41585705579; expires=Fri, 01-May-20 01:46:19 GMT; path=/; domain=.dramacool9.co; HttpOnly; SameSite=Lax
Vary
Accept-Encoding
Link
<http://www.dramacool9.co/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
57cea2c09d709c2d-AMS
Content-Encoding
gzip
style.css
www.dramacool9.co/wp-content/plugins/search-filter/ 		577 B
509 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dramacool9.co/wp-content/plugins/search-filter/style.css?ver=1
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:95e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
071ca38b8cec663d589e0f75341f534a696edc4aee2b99d6e502c98fa04ee020

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 01 Apr 2020 01:46:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 23 Mar 2019 09:27:11 GMT
server
cloudflare
age
136668
etag
W/"5c95fbef-241"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
cf-ray
57cea2c22fd7d901-AMS
expires
Mon, 06 Apr 2020 11:48:31 GMT
vscf-style.min.css
www.dramacool9.co/wp-content/plugins/very-simple-contact-form/css/
Redirect Chain
  • http://www.dramacool9.co/wp-content/plugins/very-simple-contact-form/css/vscf-style.min.css?ver=4.9.13
  • https://www.dramacool9.co/wp-content/plugins/very-simple-contact-form/css/vscf-style.min.css?ver=4.9.13
813 B
382 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dramacool9.co/wp-content/plugins/very-simple-contact-form/css/vscf-style.min.css?ver=4.9.13
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:95e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
132d9692b5cd45a0e114636ff8ba6eee1ad43ed6579d8fab2abfa4b9d1c79d50

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 01:46:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Oct 2019 03:50:09 GMT
server
cloudflare
age
483602
etag
W/"5d9eaa71-32d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
cf-ray
57cea2c23ffed901-AMS
expires
Thu, 02 Apr 2020 11:26:17 GMT

Redirect headers

Date
Wed, 01 Apr 2020 01:46:19 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.dramacool9.co/wp-content/plugins/very-simple-contact-form/css/vscf-style.min.css?ver=4.9.13
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57cea2c1f8eafa60-AMS
Expires
Wed, 01 Apr 2020 02:46:19 GMT
simple-line-icons.min.css
www.dramacool9.co/wp-content/themes/dramacool9/fonts/
Redirect Chain
  • http://www.dramacool9.co/wp-content/themes/dramacool9/fonts/simple-line-icons.min.css?ver=2.3.3
  • https://www.dramacool9.co/wp-content/themes/dramacool9/fonts/simple-line-icons.min.css?ver=2.3.3
4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dramacool9.co/wp-content/themes/dramacool9/fonts/simple-line-icons.min.css?ver=2.3.3
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:95e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8d7819fd67466d69ea255fc21234db1b2ce957799c6fce78b4aca56e8ff1663

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 01:46:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Sep 2018 12:16:52 GMT
server
cloudflare
age
483600
etag
W/"5b97b234-fab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
cf-ray
57cea2c22fe3d901-AMS
expires
Thu, 02 Apr 2020 11:26:19 GMT

Redirect headers

Date
Wed, 01 Apr 2020 01:46:19 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.dramacool9.co/wp-content/themes/dramacool9/fonts/simple-line-icons.min.css?ver=2.3.3
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57cea2c1f920d921-AMS
Expires
Wed, 01 Apr 2020 02:46:19 GMT
style.css
www.dramacool9.co/wp-content/themes/dramacool9/
Redirect Chain
  • http://www.dramacool9.co/wp-content/themes/dramacool9/style.css?ver=4.9.13
  • https://www.dramacool9.co/wp-content/themes/dramacool9/style.css?ver=4.9.13
47 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dramacool9.co/wp-content/themes/dramacool9/style.css?ver=4.9.13
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:95e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad913b76301698a67b6f35a0508c493965e0afe82b1bb1e9100937b18a9a5d7

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 01:46:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 10:48:53 GMT
server
cloudflare
age
483600
etag
W/"5e6a1395-bb87"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
cf-ray
57cea2c22fded901-AMS
expires
Thu, 02 Apr 2020 11:26:19 GMT

Redirect headers

Date
Wed, 01 Apr 2020 01:46:19 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.dramacool9.co/wp-content/themes/dramacool9/style.css?ver=4.9.13
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57cea2c1fcbfc863-AMS
Expires
Wed, 01 Apr 2020 02:46:19 GMT
jquery-3.1.1.min.js
www.dramacool9.co/js/
Redirect Chain
  • http://www.dramacool9.co/js/jquery-3.1.1.min.js?ver=3.1.1
  • https://www.dramacool9.co/js/jquery-3.1.1.min.js?ver=3.1.1
85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dramacool9.co/js/jquery-3.1.1.min.js?ver=3.1.1
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:95e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 01:46:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 14 Mar 2020 15:15:58 GMT
server
cloudflare
age
483600
etag
W/"5e6cf52e-152b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
57cea2c22fe6d901-AMS
expires
Thu, 02 Apr 2020 11:26:19 GMT

Redirect headers

Date
Wed, 01 Apr 2020 01:46:19 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.dramacool9.co/js/jquery-3.1.1.min.js?ver=3.1.1
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57cea2c20df3fa40-AMS
Expires
Wed, 01 Apr 2020 02:46:19 GMT
js
www.googletagmanager.com/gtag/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-131447009-1
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83faa770b32e28b7eaabf5b3dadc4422a5da58a8826d95e5f2d34bdb89c39c09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 01 Apr 2020 01:46:19 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28642
x-xss-protection
0
last-modified
Wed, 01 Apr 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Apr 2020 01:46:19 GMT
16782
idspatchi.com/1clkn/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://idspatchi.com/1clkn/16782
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
HTTP/1.1
Server
213.32.115.24 , France, ASN16276 (OVH, FR),
Reverse DNS
ip24.ip-213-32-115.eu
Software
nginx /
Resource Hash
b450e0a93a4b104eafa9b9f483e2754a2d64de445ae7fc6769bfef8e0b1940c2

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 01 Apr 2020 01:46:19 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
logo.jpg
www.dramacool9.co/wp-content/themes/dramacool9/images/
Redirect Chain
  • http://www.dramacool9.co/wp-content/themes/dramacool9/images/logo.jpg
  • https://www.dramacool9.co/wp-content/themes/dramacool9/images/logo.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dramacool9.co/wp-content/themes/dramacool9/images/logo.jpg
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:95e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40aa0428d1ca81211efca4d159a7734b5bfc7b480f2af6106bd7b99cba004901

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 01:46:19 GMT
cf-cache-status
HIT
last-modified
Tue, 11 Sep 2018 12:48:11 GMT
server
cloudflare
age
1693209
etag
"5b97b98b-1367"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
57cea2c2789ad901-AMS
content-length
4967
expires
Sat, 11 Apr 2020 11:26:10 GMT

Redirect headers

Date
Wed, 01 Apr 2020 01:46:19 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.dramacool9.co/wp-content/themes/dramacool9/images/logo.jpg
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57cea2c259e0d921-AMS
Expires
Wed, 01 Apr 2020 02:46:19 GMT
logo-mobile.png
www.dramacool9.co/wp-content/themes/dramacool9/images/
Redirect Chain
  • http://www.dramacool9.co/wp-content/themes/dramacool9/images/logo-mobile.png
  • https://www.dramacool9.co/wp-content/themes/dramacool9/images/logo-mobile.png
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dramacool9.co/wp-content/themes/dramacool9/images/logo-mobile.png
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:95e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02e359ce2a9a6df5792c5e146bed2af8d22ddebd39b407f6063959e74f6ab46d

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 01:46:19 GMT
cf-cache-status
HIT
last-modified
Tue, 11 Sep 2018 12:48:07 GMT
server
cloudflare
age
1693209
etag
"5b97b987-b4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
57cea2c298cbd901-AMS
content-length
2891
expires
Sat, 11 Apr 2020 11:26:10 GMT

Redirect headers

Date
Wed, 01 Apr 2020 01:46:19 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.dramacool9.co/wp-content/themes/dramacool9/images/logo-mobile.png
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57cea2c26a02fa60-AMS
Expires
Wed, 01 Apr 2020 02:46:19 GMT
Jewel-in-the-Palace-180x220.jpg
www.dramacool9.co/wp-content/uploads/2018/12/
Redirect Chain
  • http://www.dramacool9.co/wp-content/uploads/2018/12/Jewel-in-the-Palace-180x220.jpg
  • https://www.dramacool9.co/wp-content/uploads/2018/12/Jewel-in-the-Palace-180x220.jpg
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dramacool9.co/wp-content/uploads/2018/12/Jewel-in-the-Palace-180x220.jpg
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:95e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49a94e43103c95bb77a59a99383bc61f932ef27ecce525a1631feb7204fe9165

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 01:46:19 GMT
cf-cache-status
HIT
last-modified
Tue, 14 Jan 2020 12:59:56 GMT
server
cloudflare
age
1684088
etag
"5e1dbb4c-27a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
57cea2c298cdd901-AMS
content-length
10152
expires
Sat, 11 Apr 2020 13:58:11 GMT

Redirect headers

Date
Wed, 01 Apr 2020 01:46:19 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.dramacool9.co/wp-content/uploads/2018/12/Jewel-in-the-Palace-180x220.jpg
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57cea2c26ee3fa40-AMS
Expires
Wed, 01 Apr 2020 02:46:19 GMT
adx-delivery.min.js
syndi.adxpub.com/javascripts/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://syndi.adxpub.com/javascripts/adx-delivery.min.js
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.90.220.251 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
nginx /
Resource Hash
b192a0ca875db1fe7d59cf1991fc2dc2ed518164f4cde3029ac013a0676ae8f4

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 01 Apr 2020 01:46:20 GMT
Last-Modified
Mon, 09 Mar 2020 04:14:39 GMT
Server
nginx
ETag
"5e65c2af-1537"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5431
js
www.googletagmanager.com/gtag/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-132524096-1
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
367ff1bd2a4e4df4ee1ad5dccae6a730c5a0d6db4e02bbad21135424c325edc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 01 Apr 2020 01:46:19 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28643
x-xss-protection
0
last-modified
Wed, 01 Apr 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Apr 2020 01:46:19 GMT
main.js
www.dramacool9.co/wp-content/themes/dramacool9/js/
Redirect Chain
  • http://www.dramacool9.co/wp-content/themes/dramacool9/js/main.js?ver=20171003
  • https://www.dramacool9.co/wp-content/themes/dramacool9/js/main.js?ver=20171003
9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dramacool9.co/wp-content/themes/dramacool9/js/main.js?ver=20171003
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:95e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75a07319b4f58d19449fafcfe3fed0d259859dfaf253ce7c3b0e683ef2bb5cbf

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 01:46:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Jul 2019 01:36:09 GMT
server
cloudflare
age
483600
etag
W/"5d311e89-24f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
57cea2c24810d901-AMS
expires
Thu, 02 Apr 2020 11:26:19 GMT

Redirect headers

Date
Wed, 01 Apr 2020 01:46:19 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.dramacool9.co/wp-content/themes/dramacool9/js/main.js?ver=20171003
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57cea2c21958d921-AMS
Expires
Wed, 01 Apr 2020 02:46:19 GMT
counter.js
www.statcounter.com/counter/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af4e87a3c8c8c300d4fb8ffe1627624a8c5463c0d48d3ebb4fcf3ec2da3f7dd

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 01 Apr 2020 01:46:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Mar 2020 14:45:36 GMT
server
cloudflare
age
18378
etag
W/"5e723410-7fd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=43200
cf-ray
57cea2c2dc3ee58b-MAN
expires
Wed, 01 Apr 2020 08:40:01 GMT
assets.js
ga-analytics.com/ 		39 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ga-analytics.com/assets.js
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
HTTP/1.1
Server
81.177.141.171 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
srv125-h-st.jino.ru
Software
Jino.ru/mod_pizza /
Resource Hash
8583c7c374712909ed75df559ce0e6960fa1d70be753a5b2250dbcd033488b99

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 01 Apr 2020 01:46:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Nov 2019 08:17:23 GMT
Server
Jino.ru/mod_pizza
ETag
"4f4274b-9b69-597eb0b1b4ac0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16695
bg.jpg
www.dramacool9.co/wp-content/themes/dramacool9/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dramacool9.co/wp-content/themes/dramacool9/images/bg.jpg
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:95e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5537535a9a23ece6018f2e10f7f6eb80cea6bb3cd2df07f09d17e8422a014444

Request headers

Referer
https://www.dramacool9.co/wp-content/themes/dramacool9/style.css?ver=4.9.13
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 01 Apr 2020 01:46:19 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Sep 2018 06:35:54 GMT
server
cloudflare
age
1693209
etag
"5b98b3ca-11df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
57cea2c2787dd901-AMS
content-length
4575
expires
Sat, 11 Apr 2020 11:26:10 GMT
simple-line-icons.woff
www.dramacool9.co/wp-content/themes/dramacool9/fonts/ 		0
0
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131447009-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4367
date
Wed, 01 Apr 2020 00:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Wed, 01 Apr 2020 02:33:32 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1413662734&t=pageview&_s=1&dl=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace&ul=en-us&de=UTF-8&dt=Search%20Results%20jewel%20in%20the%20palace%20EngSub%20%7C%20Watch%20Search%20Results%20jewel%20in%20the%20palace%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1711484427&gjid=1630742694&cid=1781792010.1585705580&tid=UA-131447009-1&_gid=972408608.1585705580&_r=1&gtm=2ou3i0&z=22421420
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 01:46:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1413662734&t=pageview&_s=1&dl=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace&ul=en-us&de=UTF-8&dt=Search%20Results%20jewel%20in%20the%20palace%20EngSub%20%7C%20Watch%20Search%20Results%20jewel%20in%20the%20palace%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUAB~&jid=80189960&gjid=2134330677&cid=1781792010.1585705580&tid=UA-132524096-1&_gid=972408608.1585705580&_r=1&gtm=2ou3i0&z=1272100093
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 01:46:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pntne
hoemasfat.site/ 		0
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hoemasfat.site/pntne
Requested by
Host: idspatchi.com
URL: http://idspatchi.com/1clkn/16782
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.75.172.218 , France, ASN16276 (OVH, FR),
Reverse DNS
ip218.ip-51-75-172.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://dramacool9.co
Referer
http://dramacool9.co/?s=jewel+in+the+palace
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Wed, 01 Apr 2020 01:46:20 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Keep-Alive
timeout=20
t.php
c.statcounter.com/ 		49 B
552 B 		Other
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=11857087&java=1&security=513b4a2c&u1=6516CA40BF3B4F71FFE9E4C42711C989&sc_rum_f_s=0&sc_rum_f_e=409&sc_rum_e_s=422&sc_rum_e_e=440&sc_random=0.6731884366666119&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//dramacool9.co/%3Fs%3Djewel+in+the+palace&t=Search%20Results%20jewel%20in%20the%20palace%20EngSub%20%7C%20Watch%20Search%20Results%20jewel%20in%20the%20palace%20Online&sc_snum=1&sess=5f6681&p=0&invisible=1
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
Origin
http://dramacool9.co
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Apr 2020 01:46:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
status
200
cf-ray
57cea2c34ccfe58b-MAN
content-type
image/gif
content-length
49
expires
Mon, 26 Jul 1997 05:00:00 GMT
simple-line-icons.ttf
www.dramacool9.co/wp-content/themes/dramacool9/fonts/ 		0
0
pntne
hoemasfat.site/ 		2 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hoemasfat.site/pntne
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.75.172.218 , France, ASN16276 (OVH, FR),
Reverse DNS
ip218.ip-51-75-172.eu
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
application/json
Referer
http://dramacool9.co/?s=jewel+in+the+palace
Origin
http://dramacool9.co
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 01 Apr 2020 01:46:20 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://dramacool9.co
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Keep-Alive
timeout=20
pntne
hoemasfat.site/ 		0
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hoemasfat.site/pntne
Requested by
Host: idspatchi.com
URL: http://idspatchi.com/1clkn/16782
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.75.172.218 , France, ASN16276 (OVH, FR),
Reverse DNS
ip218.ip-51-75-172.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://dramacool9.co
Referer
http://dramacool9.co/?s=jewel+in+the+palace
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Wed, 01 Apr 2020 01:46:20 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Keep-Alive
timeout=20
pntne
hoemasfat.site/ 		2 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hoemasfat.site/pntne
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.75.172.218 , France, ASN16276 (OVH, FR),
Reverse DNS
ip218.ip-51-75-172.eu
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
application/json
Referer
http://dramacool9.co/?s=jewel+in+the+palace
Origin
http://dramacool9.co
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 01 Apr 2020 01:46:20 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://dramacool9.co
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Keep-Alive
timeout=20
rXRV5on1Pmcb1XGd9Z07.json
serv.adxpub.com/ 		313 B
574 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://serv.adxpub.com/rXRV5on1Pmcb1XGd9Z07.json?pageurl=http://dramacool9.co/?s=jewel+in+the+palace
Requested by
Host: syndi.adxpub.com
URL: https://syndi.adxpub.com/javascripts/adx-delivery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.90.220.251 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
nginx / Express
Resource Hash
7c150b3546efc02632c70269f6724cc7e2c5b5396ae94eb51029891f7bee42c2

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
Origin
http://dramacool9.co
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 01 Apr 2020 01:46:21 GMT
ETag
W/"139-3LQxX6zngr82lmSxwnuS2aDfkIc"
Server
nginx
X-Powered-By
Express
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
313
adxpub.dramacool9.co.786625.js
jsc.mgid.com/a/d/ Frame 139A
Redirect Chain
  • http://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js
  • https://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js
134 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
528ee9326420cbda9a053a85445ba4850b9151a4e3b2c6a697a7b445f7f44ed1

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 01:46:21 GMT
content-encoding
br
cf-cache-status
HIT
age
6670
cf-polished
origSize=137316
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id
F3F7033C1DC7847C
x-amz-id-2
IXv3eHBKVAc4r/HcM142xw6YmDQdGTg2/tQjz4Tv1+KO194R/LbNJN48UH+H+lMG+4LIB1M/HYk=
last-modified
Tue, 31 Mar 2020 19:47:51 GMT
server
cloudflare
etag
W/"abeaf76dbe28b0d78104c85985210a29"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
expires
Wed, 01 Apr 2020 02:46:21 GMT
cache-control
public, max-age=3600
cf-ray
57cea2cc6cabfa48-AMS
cf-bgj
minify

Redirect headers

Date
Wed, 01 Apr 2020 01:46:21 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57cea2cbf819fa78-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Expires
Wed, 01 Apr 2020 02:46:21 GMT
ADXPUB_logo_ch.png
cdn.mgid.com/images/logos/ Frame 139A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/ADXPUB_logo_ch.png
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36dc8476b989764724d114c4cab30a7b4c8eab90337f27d7cf1c2a892ea70ef2

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 01 Apr 2020 01:46:21 GMT
cf-cache-status
HIT
age
2634
cf-polished
origFmt=png, origSize=3982
cf-ray
57cea2cd0e0bfa48-AMS
status
200
content-disposition
inline; filename="ADXPUB_logo_ch.webp"
cf-bgj
imgq:100
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
1976
x-amz-id-2
jPtj1B0erCUufK/omW1gWt2jDwo5fECZZxwzXPKhoJ01TRRysYHhSUfvc81BSYSr0/j2fKNqZHE=
last-modified
Tue, 24 Mar 2020 09:25:22 GMT
server
cloudflare
etag
"4d76e39f9636f9a5e904c69ea8463ffd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
CF2D608F4F61F451
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/webp
expires
Wed, 01 Apr 2020 05:46:21 GMT
truncated
/ Frame 139A 		632 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ Frame 139A 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: dramacool9.co
URL: http://dramacool9.co/?s=jewel+in+the+palace
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
Origin
http://dramacool9.co
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 09:11:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:08:16 GMT
server
sffe
age
2910903
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
16224
x-xss-protection
0
expires
Fri, 26 Feb 2021 09:11:18 GMT
1
servicer.mgid.com/786625/ Frame 139A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/786625/1?w=188&h=586&cols=1&pv=5&cbuster=1585705581655832438345&uniqId=096cf&niet=4g&nisd=false&iframe=1&ref=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace&lu=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace&pageView=1&pvid=171336afc579a2bd9d9&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c405323b780872a428e75a99722b12b278a37bbd99780f2ac4c6f0a59c9a7eef

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 01:46:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-type
application/x-javascript; charset=utf-8
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
57cea2cd7ecafa48-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
ADXPUB_logo_ch.png
cdn.mgid.com/images/logos/ Frame 139A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/ADXPUB_logo_ch.png
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36dc8476b989764724d114c4cab30a7b4c8eab90337f27d7cf1c2a892ea70ef2

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 01 Apr 2020 01:46:21 GMT
cf-cache-status
HIT
age
2634
cf-polished
origFmt=png, origSize=3982
cf-ray
57cea2cdef9bfa48-AMS
status
200
content-disposition
inline; filename="ADXPUB_logo_ch.webp"
cf-bgj
imgq:100
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
1976
x-amz-id-2
jPtj1B0erCUufK/omW1gWt2jDwo5fECZZxwzXPKhoJ01TRRysYHhSUfvc81BSYSr0/j2fKNqZHE=
last-modified
Tue, 24 Mar 2020 09:25:22 GMT
server
cloudflare
etag
"4d76e39f9636f9a5e904c69ea8463ffd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
CF2D608F4F61F451
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/webp
expires
Wed, 01 Apr 2020 05:46:21 GMT
i.js
cm.steepto.com/ Frame 139A 		130 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.steepto.com/i.js?cbuster=1585705581741760024835
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 01:46:21 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
57cea2ce3e9bbf69-AMS
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/ Frame 139A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
Origin
http://dramacool9.co
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 10:48:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:06:58 GMT
server
sffe
age
2905091
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15556
x-xss-protection
0
expires
Fri, 26 Feb 2021 10:48:10 GMT
i-noref.js
cm.steepto.com/ Frame B839 		19 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.steepto.com/i-noref.js?cbuster=1585705581749332651962
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 01:46:21 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
57cea2ce3e9cbf69-AMS
content-length
19
beacon.js
b.scorecardresearch.com/ Frame 139A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js
Protocol
HTTP/1.1
Server
2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 01 Apr 2020 01:46:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Thu, 02 Apr 2020 01:46:21 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMzE0NzU3LzA4ZmYxNjQ5YWYwMGJmMGJlNzIxOWI4YzQ2MzhjZDQ2LmpwZw**.webp
s-img.mgid.com/g/4171939/492x328/0x0x492x328/ Frame 139A 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4171939/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMzE0NzU3LzA4ZmYxNjQ5YWYwMGJmMGJlNzIxOWI4YzQ2MzhjZDQ2LmpwZw**.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76de0a509c9ca917bb1427e4809e31fac7dd05b5d3bc193bc7eac4c95619c5e8

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 01 Apr 2020 01:46:21 GMT
cf-cache-status
HIT
last-modified
Sat, 07 Mar 2020 12:44:35 GMT
server
cloudflare
age
586256
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
57cea2ce1802fa48-AMS
access-control-allow-origin
*
content-length
17256
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMzQ0NTM4LzQ1M2RkNjQ4YmM5OTk5NzFiMTY0YmVmYzM5ZmJmYTIzLmpwZw**.webp
s-img.mgid.com/g/5212602/492x328/0x0x492x328/ Frame 139A 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5212602/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMzQ0NTM4LzQ1M2RkNjQ4YmM5OTk5NzFiMTY0YmVmYzM5ZmJmYTIzLmpwZw**.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ada265e35eece011c5f36aa985e47f67f117815cb5304eba8e9d7d087834418

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 01 Apr 2020 01:46:21 GMT
cf-cache-status
HIT
last-modified
Mon, 30 Mar 2020 18:39:48 GMT
server
cloudflare
age
111980
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
57cea2ce1801fa48-AMS
access-control-allow-origin
*
content-length
7750
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDU2NDQ0LzVlNjhlZDFmOWVlMWI1MmVmMWJlZWUwNjcwNDUxMmMwLmpwZw**.webp
s-img.mgid.com/g/4901017/492x328/0x0x1375x916/ Frame 139A 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4901017/492x328/0x0x1375x916/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDU2NDQ0LzVlNjhlZDFmOWVlMWI1MmVmMWJlZWUwNjcwNDUxMmMwLmpwZw**.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2064b8df58b4fcb52e0a20d01945a86202adbc99f8700b70cfdafb86cc1a4532

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 01 Apr 2020 01:46:21 GMT
cf-cache-status
HIT
last-modified
Mon, 03 Feb 2020 17:07:33 GMT
server
cloudflare
age
3897668
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
57cea2ce1803fa48-AMS
access-control-allow-origin
*
content-length
10684
b2
sb.scorecardresearch.com/ Frame 139A
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1585705581807&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace&c9=http%3A%2F%2Fdramaco...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1585705581807&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace&c9=http%3A%2F%2Fdramac...
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1585705581807&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace&c9=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-31-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Apr 2020 01:46:21 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1585705581807&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace&c9=http%3A%2F%2Fdramacool9.co%2F%3Fs%3Djewel%2Bin%2Bthe%2Bpalace
Pragma
no-cache
Date
Wed, 01 Apr 2020 01:46:21 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/ Frame 139A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=5c590a72-64fc-445d-b45e-fa52f8381ac8&ttl=1588297582
43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=5c590a72-64fc-445d-b45e-fa52f8381ac8&ttl=1588297582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 01:46:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
57cea2d00c01fa48-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 01 Apr 2020 01:46:22 GMT
x-aspnet-version
4.0.30319
location
https://cm.mgid.com/m?cdsp=371158&c=5c590a72-64fc-445d-b45e-fa52f8381ac8&ttl=1588297582
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
302
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
c
c.mgid.com/ Frame 139A 		43 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=184|123|28|lZUuh-4cw11GhorYc51cW-gH0DHDHDix2JeE6Anv9Y9BJoNX8Lx1QeaFFm_RdSlp&fw=1&extjs=510&v=184|123|28|1yOZbjHc4vOD8cWUJKTzDQ07t0Dslk_AOlVDih606vufKURbaX_EZu5RV6cCP3ol&v=184|123|28|nG5qQdYaEXzACOf_nnoV6jID5spYN1eK5PjdcQ9duamdfaqIG4c9bwnYfnUkjfHg&imgdim=1&cid=786625&h2=QQqqtV8iIRJbOIlEsWXet3iIRCw5aJaSpM4M_SpA4o4*&rid=96a923aa-73ba-11ea-b015-4cd98f41c125&tt=Direct&cbuster=1585705582904926280437&tpl=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://dramacool9.co/?s=jewel+in+the+palace
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 01:46:22 GMT
cf-cache-status
DYNAMIC
content-type
image/gif
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
57cea2d55e97fa48-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.dramacool9.co
URL
https://www.dramacool9.co/wp-content/themes/dramacool9/fonts/simple-line-icons.woff?v=2.3.3
Domain
www.dramacool9.co
URL
https://www.dramacool9.co/wp-content/themes/dramacool9/fonts/simple-line-icons.ttf?v=2.3.3

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| gtag object| ga_ object| dataLayer string| cdn__ object| google_tag_manager object| adsbyadx string| GoogleAnalyticsObject function| ga number| sc_project number| sc_invisible string| sc_security number| sc_https object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime function| _statcounter object| detector function| setCookie function| getCookie function| eraseCookie function| setH function| MobileDetect function| generateCb number| adxTime number| adxCb object| adxSlots object| delivery object| initVar boolean| _mgPageView522356

6 Cookies

Domain/Path Name / Value
.dramacool9.co/ Name: sc_is_visitor_unique
Value: rx11857087.1585705580.6516CA40BF3B4F71FFE9E4C42711C989.1.1.1.1.1.1.1.1.1
.dramacool9.co/ Name: _gat_gtag_UA_132524096_1
Value: 1
.dramacool9.co/ Name: _gid
Value: GA1.2.972408608.1585705580
.dramacool9.co/ Name: _ga
Value: GA1.2.1781792010.1585705580
.dramacool9.co/ Name: _gat_gtag_UA_131447009_1
Value: 1
.dramacool9.co/ Name: __cfduid
Value: dc01145168775b9fd5a845105a0572de41585705579

2 Console Messages

Source Level URL
Text
console-api warning URL: https://www.dramacool9.co/js/jquery-3.1.1.min.js?ver=3.1.1(Line 2)
Message:
jQuery.Deferred exception: Cannot read property 'length' of undefined TypeError: Cannot read property 'length' of undefined at HTMLDocument.<anonymous> (https://www.dramacool9.co/wp-content/themes/dramacool9/js/main.js?ver=20171003:357:29) at j (https://www.dramacool9.co/js/jquery-3.1.1.min.js?ver=3.1.1:2:29948) at k (https://www.dramacool9.co/js/jquery-3.1.1.min.js?ver=3.1.1:2:30262) undefined
console-api debug URL: https://jsc.mgid.com/a/d/adxpub.dramacool9.co.786625.js(Line 9)
Message:
[object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.scorecardresearch.com
c.mgid.com
c.statcounter.com
cdn.mgid.com
cm.mgid.com
cm.steepto.com
dramacool9.co
fonts.gstatic.com
ga-analytics.com
hoemasfat.site
idspatchi.com
jsc.mgid.com
match.adsrvr.org
s-img.mgid.com
sb.scorecardresearch.com
serv.adxpub.com
servicer.mgid.com
syndi.adxpub.com
www.dramacool9.co
www.google-analytics.com
www.googletagmanager.com
www.statcounter.com
www.dramacool9.co
103.90.220.251
104.19.136.78
104.19.137.80
104.22.52.65
2.16.186.80
2.16.31.65
213.32.115.24
2606:4700:3033::681b:94e0
2606:4700:3036::681b:95e0
2a00:1450:4001:800::2008
2a00:1450:4001:814::2003
2a00:1450:4001:81c::200e
51.75.172.218
52.49.13.31
81.177.141.171
02e359ce2a9a6df5792c5e146bed2af8d22ddebd39b407f6063959e74f6ab46d
071ca38b8cec663d589e0f75341f534a696edc4aee2b99d6e502c98fa04ee020
132d9692b5cd45a0e114636ff8ba6eee1ad43ed6579d8fab2abfa4b9d1c79d50
2064b8df58b4fcb52e0a20d01945a86202adbc99f8700b70cfdafb86cc1a4532
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
367ff1bd2a4e4df4ee1ad5dccae6a730c5a0d6db4e02bbad21135424c325edc9
36dc8476b989764724d114c4cab30a7b4c8eab90337f27d7cf1c2a892ea70ef2
40aa0428d1ca81211efca4d159a7734b5bfc7b480f2af6106bd7b99cba004901
49a94e43103c95bb77a59a99383bc61f932ef27ecce525a1631feb7204fe9165
4ada265e35eece011c5f36aa985e47f67f117815cb5304eba8e9d7d087834418
4af4e87a3c8c8c300d4fb8ffe1627624a8c5463c0d48d3ebb4fcf3ec2da3f7dd
528ee9326420cbda9a053a85445ba4850b9151a4e3b2c6a697a7b445f7f44ed1
5537535a9a23ece6018f2e10f7f6eb80cea6bb3cd2df07f09d17e8422a014444
6ad913b76301698a67b6f35a0508c493965e0afe82b1bb1e9100937b18a9a5d7
75a07319b4f58d19449fafcfe3fed0d259859dfaf253ce7c3b0e683ef2bb5cbf
76de0a509c9ca917bb1427e4809e31fac7dd05b5d3bc193bc7eac4c95619c5e8
7c150b3546efc02632c70269f6724cc7e2c5b5396ae94eb51029891f7bee42c2
81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83faa770b32e28b7eaabf5b3dadc4422a5da58a8826d95e5f2d34bdb89c39c09
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8583c7c374712909ed75df559ce0e6960fa1d70be753a5b2250dbcd033488b99
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
b192a0ca875db1fe7d59cf1991fc2dc2ed518164f4cde3029ac013a0676ae8f4
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b450e0a93a4b104eafa9b9f483e2754a2d64de445ae7fc6769bfef8e0b1940c2
c405323b780872a428e75a99722b12b278a37bbd99780f2ac4c6f0a59c9a7eef
c826225c7a04f3cc786a7fd5f2704013ce71b8b4dca4e13793427507c2fd7016
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f8d7819fd67466d69ea255fc21234db1b2ce957799c6fce78b4aca56e8ff1663