mkt.zrgnovel.com
108.158.32.50 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign=... 5mo old
Submission: On January 16 via api (January 16th 2026, 7:39:11 pm UTC) from AU — Scanned from AU

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 35 HTTP transactions. The main IP is 108.158.32.50, located in United States and belongs to AMAZON-02, US. The main domain is mkt.zrgnovel.com. 5mo old
TLS certificate: Issued by Amazon RSA 2048 M01 on November 26th 2025. Valid for: 1yr.

This is the only time mkt.zrgnovel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	108.158.32.50 108.158.32.50	16509 (AMAZON-02) (AMAZON-02)
1	142.251.222.234 142.251.222.234	15169 (GOOGLE) (GOOGLE)
9	18.67.93.32 18.67.93.32	16509 (AMAZON-02) (AMAZON-02)
1	3.175.115.14 3.175.115.14	16509 (AMAZON-02) (AMAZON-02)
2	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
7	52.45.58.139 52.45.58.139	14618 (AMAZON-AES) (AMAZON-AES)
3	3.212.239.207 3.212.239.207	14618 (AMAZON-AES) (AMAZON-AES)
1	104.26.12.205 104.26.12.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.234.168.144 18.234.168.144	14618 (AMAZON-AES) (AMAZON-AES)
4	142.250.195.106 142.250.195.106	15169 (GOOGLE) (GOOGLE)
3	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
35	12

1 108.158.32.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-50.syd3.r.cloudfront.net

mkt.zrgnovel.com 5mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.222.234 (United States)

ASN15169 (GOOGLE, US)
PTR: pnsyda-ag-in-f10.1e100.net

fonts.googleapis.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

9 18.67.93.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-32.syd62.r.cloudfront.net

assets.dreame.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.175.115.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-175-115-14.syd3.r.cloudfront.net

files.dreame.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 52.45.58.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-58-139.compute-1.amazonaws.com

bi.dreame.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 3.212.239.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-239-207.compute-1.amazonaws.com

api.dreame.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.26.12.205 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

api.ipify.org 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.234.168.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-168-144.compute-1.amazonaws.com

api.dreameshort.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 142.250.195.106 (United States)

ASN15169 (GOOGLE, US)
PTR: tzsyda-ad-in-f10.1e100.net

firebaseinstallations.googleapis.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
firebaseremoteconfig.googleapis.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
20	dreame.com assets.dreame.com — Cisco Umbrella Rank: 184961 4yr old files.dreame.com — Cisco Umbrella Rank: 169700 6yr old bi.dreame.com — Cisco Umbrella Rank: 136728 7yr old api.dreame.com — Cisco Umbrella Rank: 165987 7yr old	292 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 56yr old firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 577 7yr old firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 461 6yr old firebaselogging-pa.googleapis.com Failed 6yr old	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 130 56yr old	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 227 56yr old	126 KB
1	dreameshort.com api.dreameshort.com — Cisco Umbrella Rank: 299413 2yr old
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 1786 11yr old	159 B
1	zrgnovel.com mkt.zrgnovel.com 5mo old	31 KB
0	Failed function sub() { [native code] }. Failed
35	8

	Domain	Requested by
9	assets.dreame.com	mkt.zrgnovel.com
7	bi.dreame.com	mkt.zrgnovel.com
3	www.facebook.com	connect.facebook.net
3	api.dreame.com	assets.dreame.com
2	firebaseremoteconfig.googleapis.com	assets.dreame.com
2	firebaseinstallations.googleapis.com	assets.dreame.com
2	connect.facebook.net	mkt.zrgnovel.com connect.facebook.net
1	api.dreameshort.com	assets.dreame.com
1	api.ipify.org	assets.dreame.com
1	files.dreame.com	mkt.zrgnovel.com
1	fonts.googleapis.com	mkt.zrgnovel.com
1	mkt.zrgnovel.com
0	firebaselogging-pa.googleapis.com Failed	assets.dreame.com
0	af Failed	assets.dreame.com
35	14

This site contains no links.

Subject Issuer	Validity	Valid
mkt.dreameshort.com Amazon RSA 2048 M01	`2025-11-26` - `2026-12-25`	1yr	crt.sh
upload.video.google.com WR2	`2025-12-09` - `2026-03-03`	3mo	crt.sh
assets.dreame.com Amazon RSA 2048 M04	`2025-05-10` - `2026-06-08`	1yr	crt.sh
files.dreame.com Amazon RSA 2048 M04	`2025-12-26` - `2027-01-24`	1yr	crt.sh
*.facebook.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-10-26` - `2026-01-24`	3mo	crt.sh
*.dreame.com Amazon RSA 2048 M02	`2025-03-19` - `2026-04-17`	1yr	crt.sh
ipify.org WE1	`2026-01-01` - `2026-04-01`	3mo	crt.sh
*.dreameshort.com Amazon RSA 2048 M03	`2025-07-07` - `2026-08-05`	1yr	crt.sh

This page contains 1 frames:

Frame: dreameshort://af?af_js_web=true&is_retargeting=true&deep_link_value=dreameshort%3A%2F%2Fdreameshort.com%2Fplayer%3FbookId%3D1375%26jumpType%3D2001%26source%3DdeepLinks%26testGroup%3DBOTTOM_PLAY%26dubType%3Ddefvid&af_sub3=2068579210570479&ldy_ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F144.0.0.0+Safari%2F537.36&deep_link_sub1=media_source%253Dfacebook_ads%2526campaign%253D%25257B%25257Bcampaign.name%25257D%25257D%2526af_adset%253D%25257B%25257Badset.name%25257D%25257D%2526af_sub1%253D%2526af_sub2%253Dundefined%2526af_sub3%253D2068579210570479%2526af_sub4%253Dundefined&s2s=true&ldy_type=landing&cts=1768592352&product=56&timezone=Australia%2FPerth&af_c_id=120237597177130453&af_adset=%7B%7Badset.name%7D%7D&af_adset_id=120237597177420453&af_ad_id=%7B%7Bad.id%7D%7D&af_ad=%7B%7Bad.name%7D%7D&af_channel=%7B%7Bsite_source_name%7D%7D&placement=%7B%7Bplacement%7D%7D&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065&lp_url=https%3A%2F%2Fmkt.zrgnovel.com%2Fdreame%2Fadlanding%2F9%2F4057464832%2F9424%2Ffb70479%2F202615154856499&media_source=facebook_ads&campaign=%7B%7Bcampaign.name%7D%7D
Frame ID: AED43E0AFD9ECADCE3573BA79EE8088C
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Too Late To Miss Me | DreameShort

Detected technologies

Sensors Data (Analytics) Expand

Overall confidence: 100%
Detected patterns

sensorsdata

Zepto (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

zepto.*\.js

Facebook Pixel (Analytics) Expand

Overall confidence: 100%
Detected patterns

connect\.facebook\.\w+/.+/fbevents\.js
connect\.facebook.\w+/signals/config/\d+\?v=([\d\.]+)

ipify (Geolocation) Expand

Overall confidence: 100%
Detected patterns

\.ipify\.org

Page Statistics

35
Requests

94 %
HTTPS

0 %
IPv6

8
Domains

14
Subdomains

12
IPs

3
Countries

467 kB
Transfer

1375 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 202615154856499 Show response
mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/ 48 KB
31 KB 265ms
41ms Document
text/html 108.158.32.50
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-50.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 148306aed6de396f7c0f55e84b1bf339bc6750957df3622e9e1c8d3890bee87d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

age: 956236
cache-control: max-age=15552000
content-encoding: gzip
content-type: text/html
date: Mon, 05 Jan 2026 18:01:57 GMT
etag: W/"a5eb342a018b3cc6d26b4c03775929d6"
last-modified: Mon, 05 Jan 2026 15:48:57 GMT
server: AmazonS3
vary: accept-encoding
via: 1.1 6e1c6646ddd7c3d29e8d895186891110.cloudfront.net (CloudFront)
x-amz-cf-id: PpYgx--WxpKqvtOQMbdA2UCvKXVse5kmbdMQw8RZ9fbLIP320qO99w==
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: PL_IpdSqc.97aQWZFooX_UkZnTP49Yo7
x-cache: Hit from cloudfront

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 315ms
136ms Stylesheet
text/css 142.251.222.234
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,200..1000;1,200..1000&display=swap

Requested by

Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

142.251.222.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pnsyda-ag-in-f10.1e100.net

Software

ESF /

Resource Hash

d8314600fbe84906e5c35976ad5587f09d0ecf9d438c10444f8050890cbeebe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 16 Jan 2026 19:39:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 16 Jan 2026 19:39:12 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 16 Jan 2026 18:50:47 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 f8cd932bb0d7ed8ebb703de6fed5346d.png
assets.dreame.com/dreame/image/ 2 KB
3 KB 140ms
53ms Image
image/png 18.67.93.32
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://assets.dreame.com/dreame/image/f8cd932bb0d7ed8ebb703de6fed5346d.png
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-32.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d781981162cece64bde9113807889b10338e408a2b9a0eece4eca08371aed033

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

cache-control: max-age=15552000
x-amz-version-id: KjWbRca910thToJNu2MRZrK_UHlfGOm8
etag: "b33a0a1ee02ff392706a84f406abfb6a"
age: 3626837
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2370
x-amz-cf-id: w7sW6qiU3WZq76FZ-gJPcT_tfAMwDW7CFgyVQqWUipdenmu40hlKBg==
date: Fri, 05 Dec 2025 20:11:56 GMT
content-type: image/png
last-modified: Wed, 20 Mar 2024 05:54:33 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256

GET
H2 200 zepto.min.js Show response
assets.dreame.com/dreame/file/ 26 KB
10 KB 105ms
39ms Script
text/javascript 18.67.93.32
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://assets.dreame.com/dreame/file/zepto.min.js
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-32.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=15552000
content-encoding: gzip
x-amz-version-id: c58TfbXVscBDa8Hdq0w_m1ZfBHqyFmy9
etag: W/"50a4556b0089cfa1cb61e88ea23bbcce"
age: 7948703
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: y2tSK4zoSmkyqJArjoyoWwcZGZcPkM616sHop1B2enavvMglHaGw9Q==
date: Thu, 16 Oct 2025 19:40:50 GMT
content-type: text/javascript
last-modified: Thu, 02 Mar 2023 02:11:43 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256

GET
H2 200 hunt-clipboard.v0018.js Show response
assets.dreame.com/dreame/file/ 5 KB
3 KB 62ms
62ms Script
text/javascript 18.67.93.32
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://assets.dreame.com/dreame/file/hunt-clipboard.v0018.js
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-32.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f52881689e334487ba62f2e43a136956bde08dba4a5c273d1f8c53b677d4941

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=15552000
content-encoding: gzip
x-amz-version-id: F0ELTctoikI.r1ZPg1qTQ3DKz1Bl7.z7
etag: W/"deb6708bcff6fa221194eb94378815db"
age: 7948863
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 2V_Eae5DPOCp4T4OkRL1K_6_lCq1WeNNpZ3cstMaPdnNKumZtF3PHg==
date: Thu, 16 Oct 2025 19:38:10 GMT
content-type: text/javascript
last-modified: Tue, 08 Apr 2025 02:29:07 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256

GET
H2 200 fp-v3.js Show response
assets.dreame.com/dreame/file/ 33 KB
14 KB 53ms
53ms Script
text/javascript 18.67.93.32
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://assets.dreame.com/dreame/file/fp-v3.js
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-32.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a4ce9720e3a1bceae6e699ccba89f9f002ece6b563758092d144cdf4d0928f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=15552000
content-encoding: gzip
x-amz-version-id: 0B5G3349oxtLck12.Ru5KaYWnbE6088u
etag: W/"6c8689234a1c0bbbd2711ba685157ecd"
age: 12013972
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: AMZRWJVgEMR1sIPPlLBTAN7ahnX4SL5nKLtCoTG28J8GSbPWv9zvcQ==
date: Sat, 30 Aug 2025 18:26:21 GMT
content-type: text/javascript
last-modified: Wed, 12 Apr 2023 02:07:21 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256

GET
H2 200 sensorsdata.min.js Show response
files.dreame.com/projectS3/file/ 164 KB
48 KB 142ms
50ms Script
text/javascript 3.175.115.14
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://files.dreame.com/projectS3/file/sensorsdata.min.js
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.175.115.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-175-115-14.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aba1c661f779008053541d47298d85870091c2ca55a9cd0eb4cded99da3e8f31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

cache-control: max-age=15552000
content-encoding: gzip
x-amz-version-id: obBjZL8iztbTEVR0GxzwMJsyfJCJLOck
etag: W/"19bb014d9d75ff9a19dac3e5d7786f8b"
age: 826749
via: 1.1 428fe247097bf46177110ab2a4ed3c28.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Jy5IGCrlW7lo0qWogzB44FI8q2w6Jc28-KjBIZkDtjYpU2lWDf8Gwg==
date: Wed, 07 Jan 2026 06:00:04 GMT
content-type: text/javascript
last-modified: Sun, 09 Oct 2022 06:03:01 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P3
vary: accept-encoding

GET
H2 200 0f11948b311b7aa963a9eb889e81187e.js Show response
assets.dreame.com/dreame/file/ 29 KB
10 KB 29ms
28ms Script
application/javascript 18.67.93.32
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://assets.dreame.com/dreame/file/0f11948b311b7aa963a9eb889e81187e.js
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-32.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cfb24b23deee5996ddcd119382a13a4ffd2a5f4b279551b708b268f8c1a149d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=15552000
content-encoding: gzip
x-amz-version-id: 1WvHJCuQj5.wwyW5z6V16vl5t3hZQ09K
etag: W/"964f8d763eca7b6c7e6e40c226a21e31"
age: 2667257
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: wC5zyZoS7lSHqvcrzEcJ5BZ8Lf9J-7nPpxMufS6N-WoajXxze1FHQA==
date: Tue, 16 Dec 2025 22:44:56 GMT
content-type: application/javascript
last-modified: Fri, 07 Nov 2025 08:22:01 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256

GET
H2 200 platform.min.js Show response
assets.dreame.com/dreame/file/ 20 KB
7 KB 31ms
30ms Script
text/javascript 18.67.93.32
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://assets.dreame.com/dreame/file/platform.min.js
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-32.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18309845a9fadd4a99179e9565edeae2299f6292ed5b7bcdff6a6e70108ac7af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=15552000
content-encoding: gzip
x-amz-version-id: Ac60ZiQpiQHtHZZMax06USQEiNyP.t.Q
etag: W/"18295f6cfc588e9a1b2cf681d99bc1fd"
age: 13705104
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: zHyOPRtf0bwIinTRA2i__Esc-srzQO6pYSLymHx2sP8xheXTFbJ7Ow==
date: Mon, 11 Aug 2025 04:40:49 GMT
content-type: text/javascript
last-modified: Fri, 14 Apr 2023 02:26:44 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256

GET
H2 200 staticLandingCommonScript.1.js Show response
assets.dreame.com/dreame/file/ 484 KB
149 KB 30ms
30ms Script
text/plain 18.67.93.32
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://assets.dreame.com/dreame/file/staticLandingCommonScript.1.js?ts=1767628136400
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-32.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3dbe3027c278453a1c66cbfaa4f381ea988f9d9507630172a9b22d6375b6f60a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=15552000
content-encoding: gzip
x-amz-version-id: I49u1ADGHkhGzs5lZPuNDiKrLJ5TXKUC
etag: W/"72286ad6f87ec656310655cdf7e20c03"
age: 57284
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: oBJ_XCECWNuHaB2g2mILo4PPpLL-ac15J8uazAbEFvhJwAJclNdoYw==
date: Fri, 16 Jan 2026 03:44:29 GMT
content-type: text/plain
last-modified: Fri, 16 Jan 2026 03:44:14 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 343 KB
91 KB 54ms
26ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

1b8b7b856129f0fc8ad7056c7d5382afb460779d913b450818f1b7418d926106

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src 'nonce-mwnmLDkO' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 16 Jan 2026 19:39:12 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src 'nonce-mwnmLDkO' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4986, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: EhHtU7ALZOtbq5Yf2w8NQq8QrEWBj72CfhXpzRwq0JqeQTb1GySoRLUHWqKAlHHJlrlF/VlD28bicauEDF5FhA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
content-length: 93198
x-xss-protection: 0
origin-agent-cluster: ?1

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b2f1a58069399538cb3fe9023af4b9d97ba7f786f2486d1de90e8253d256106

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8729af8ff61091c92df7db67bad99277dfc4221b7e2b7f59d9e7168e19cd1e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0d9f38c915a5d76084ed9745ac7a4bac7795129d45e00a86bfbbba9ff4eb4d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 7068b8eb844035f766ec349b6fa7ee96.jpg@400w.webp
assets.dreame.com/dreame/image/ 42 KB
42 KB 26ms
26ms Image
image/webp 18.67.93.32
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://assets.dreame.com/dreame/image/7068b8eb844035f766ec349b6fa7ee96.jpg@400w.webp
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-32.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b143514474aea2e655076a5e42d5705c5ff023617ae11cd1cd2da1d7d3887b4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

cache-control: max-age=15552000
x-amz-version-id: Xu5eLrshnkHS3tZx.Oib6iu3tT.mpsoO
etag: "7b69ba258a7211c7bae8fd267499b08d"
age: 951700
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 42742
x-amz-cf-id: iEgs3K1PMv2m865eearuIFBKJ7ReFHLsVzzMRWYY_EwJ95EfnsZFMw==
date: Mon, 05 Jan 2026 19:17:31 GMT
content-type: image/webp
last-modified: Mon, 05 Jan 2026 15:48:25 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 16 KB
16 KB Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a51dd6c0aad2614be9cfc34a834d9a714e7f9b5f8ab85744c5e9cfba2a7e9492

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 sa.gif
bi.dreame.com/ 43 B
257 B 948ms
339ms Image
image/gif 52.45.58.139
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjODUxYTU0NThkNS0wZWIxMGVkMWI3NjBmZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmM4NTFhNTQ2MmExIn0sImRpc3RpbmN0X2lkIjoiMTliYzg1MWE1NDU4ZDUtMGViMTBlZDFiNzYwZmUtMTM0NjJjNjktMTkyMDAwMC0xOWJjODUxYTU0NjJhMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjIzLjUifSwicHJvcGVydGllcyI6eyJmaXJzdF9zcmNfcGFnZV91cmwiOiJodHRwczovL21rdC56cmdub3ZlbC5jb20vZHJlYW1lL2FkbGFuZGluZy85LzQwNTc0NjQ4MzIvOTQyNC9mYjcwNDc5LzIwMjYxNTE1NDg1NjQ5OT91dG1fc291cmNlPWZhY2Vib29rX2FkcyZ1dG1fY2FtcGFpZ249e3tjYW1wYWlnbi5uYW1lfX0mYWZfY19pZD0xMjAyMzc1OTcxNzcxMzA0NTMmYWZfYWRzZXQ9e3thZHNldC5uYW1lfX0mYWZfYWRzZXRfaWQ9MTIwMjM3NTk3MTc3NDIwNDUzJmFmX2FkX2lkPXt7YWQuaWR9fSZhZl9hZD17e2FkLm5hbWV9fSZhZl9jaGFubmVsPXt7c2l0ZV9zb3VyY2VfbmFtZX19JnBsYWNlbWVudD17e3BsYWNlbWVudH19JnB4PTIwNjg1NzkyMTA1NzA0NzkmcmFuZG9tPU1USXdNak0zTlRrM01UYzNNVE13TkRVejE3Njg0NjY5OTI0MDEwNjUifSwiYW5vbnltb3VzX2lkIjoiMTliYzg1MWE1NDU4ZDUtMGViMTBlZDFiNzYwZmUtMTM0NjJjNjktMTkyMDAwMC0xOWJjODUxYTU0NjJhMSIsInR5cGUiOiJwcm9maWxlX3NldF9vbmNlIiwidGltZSI6MTc2ODU5MjM1MjU5NSwiX3RyYWNrX2lkIjozNTkyMjU5NSwiX2ZsdXNoX3RpbWUiOjE3Njg1OTIzNTI1OTV9&ext=crc%3D-809703878
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-58-139.compute-1.amazonaws.com
Software: Sws /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
access-control-allow-origin: *
content-length: 43
date: Fri, 16 Jan 2026 19:39:13 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: Sws

GET
H2 200 sa.gif
bi.dreame.com/ 43 B
258 B 948ms
338ms Image
image/gif 52.45.58.139
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjODUxYTU0NThkNS0wZWIxMGVkMWI3NjBmZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmM4NTFhNTQ2MmExIn0sImRpc3RpbmN0X2lkIjoiMTliYzg1MWE1NDU4ZDUtMGViMTBlZDFiNzYwZmUtMTM0NjJjNjktMTkyMDAwMC0xOWJjODUxYTU0NjJhMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjIzLjUifSwicHJvcGVydGllcyI6eyIkdGltZXpvbmVfb2Zmc2V0IjotNDgwLCIkc2NyZWVuX2hlaWdodCI6MTIwMCwiJHNjcmVlbl93aWR0aCI6MTYwMCwiJHZpZXdwb3J0X2hlaWdodCI6MTIwMCwiJHZpZXdwb3J0X3dpZHRoIjoxNjAwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjIzLjUiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLku5jotLnlub%2FlkYrmtYHph48iLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi5pyq5Y%2BW5Yiw5YC8X%2BebtOaOpeaJk%2BW8gCIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCIkbGF0ZXN0X3V0bV9zb3VyY2UiOiJmYWNlYm9va19hZHMiLCIkbGF0ZXN0X3V0bV9jYW1wYWlnbiI6Int7Y2FtcGFpZ24ubmFtZX19IiwiY2hhbm5lbCI6ImRyZWFtZXBtaWFuLTE3MyIsInBvcnQiOiJ3ZWIiLCJ3YXBfcGlkIjo5NDI0LCIkcmVmZXJyZXIiOiIiLCIkdXJsIjoiaHR0cHM6Ly9ta3QuenJnbm92ZWwuY29tL2RyZWFtZS9hZGxhbmRpbmcvOS80MDU3NDY0ODMyLzk0MjQvZmI3MDQ3OS8yMDI2MTUxNTQ4NTY0OTk%2FdXRtX3NvdXJjZT1mYWNlYm9va19hZHMmdXRtX2NhbXBhaWduPXt7Y2FtcGFpZ24ubmFtZX19JmFmX2NfaWQ9MTIwMjM3NTk3MTc3MTMwNDUzJmFmX2Fkc2V0PXt7YWRzZXQubmFtZX19JmFmX2Fkc2V0X2lkPTEyMDIzNzU5NzE3NzQyMDQ1MyZhZl9hZF9pZD17e2FkLmlkfX0mYWZfYWQ9e3thZC5uYW1lfX0mYWZfY2hhbm5lbD17e3NpdGVfc291cmNlX25hbWV9fSZwbGFjZW1lbnQ9e3twbGFjZW1lbnR9fSZweD0yMDY4NTc5MjEwNTcwNDc5JnJhbmRvbT1NVEl3TWpNM05UazNNVGMzTVRNd05EVXoxNzY4NDY2OTkyNDAxMDY1IiwiJHVybF9wYXRoIjoiL2RyZWFtZS9hZGxhbmRpbmcvOS80MDU3NDY0ODMyLzk0MjQvZmI3MDQ3OS8yMDI2MTUxNTQ4NTY0OTkiLCIkdGl0bGUiOiJUb28gTGF0ZSBUbyBNaXNzIE1lIHwgRHJlYW1lU2hvcnQiLCIkdXRtX3NvdXJjZSI6ImZhY2Vib29rX2FkcyIsIiR1dG1fY2FtcGFpZ24iOiJ7e2NhbXBhaWduLm5hbWV9fSIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRpc19maXJzdF90aW1lIjp0cnVlLCIkcmVmZXJyZXJfaG9zdCI6IiJ9LCJhbm9ueW1vdXNfaWQiOiIxOWJjODUxYTU0NThkNS0wZWIxMGVkMWI3NjBmZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmM4NTFhNTQ2MmExIiwidHlwZSI6InRyYWNrIiwiZXZlbnQiOiIkcGFnZXZpZXciLCJ0aW1lIjoxNzY4NTkyMzUyNTk3LCJfdHJhY2tfaWQiOjE3MDAxMjU5OCwiX2ZsdXNoX3RpbWUiOjE3Njg1OTIzNTI1OTh9&ext=crc%3D1558363247
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-58-139.compute-1.amazonaws.com
Software: Sws /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
access-control-allow-origin: *
content-length: 43
date: Fri, 16 Jan 2026 19:39:13 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: Sws

GET
H2 200 sa.gif
bi.dreame.com/ 43 B
257 B 1223ms
615ms Image
image/gif 52.45.58.139
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjODUxYTU0NThkNS0wZWIxMGVkMWI3NjBmZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmM4NTFhNTQ2MmExIn0sImRpc3RpbmN0X2lkIjoiMTliYzg1MWE1NDU4ZDUtMGViMTBlZDFiNzYwZmUtMTM0NjJjNjktMTkyMDAwMC0xOWJjODUxYTU0NjJhMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjIzLjUifSwicHJvcGVydGllcyI6eyIkZmlyc3RfdmlzaXRfdGltZSI6IjIwMjYtMDEtMTcgMDM6Mzk6MTIuNTk5IiwiJGZpcnN0X3JlZmVycmVyIjoiIiwiJGZpcnN0X2Jyb3dzZXJfbGFuZ3VhZ2UiOiJlbi1hdSIsIiRmaXJzdF9icm93c2VyX2NoYXJzZXQiOiJVVEYtOCIsIiRmaXJzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi5LuY6LS55bm%2F5ZGK5rWB6YePIiwiJGZpcnN0X3NlYXJjaF9rZXl3b3JkIjoi5pyq5Y%2BW5Yiw5YC8X%2BebtOaOpeaJk%2BW8gCIsIiR1dG1fc291cmNlIjoiZmFjZWJvb2tfYWRzIiwiJHV0bV9jYW1wYWlnbiI6Int7Y2FtcGFpZ24ubmFtZX19In0sImFub255bW91c19pZCI6IjE5YmM4NTFhNTQ1OGQ1LTBlYjEwZWQxYjc2MGZlLTEzNDYyYzY5LTE5MjAwMDAtMTliYzg1MWE1NDYyYTEiLCJ0eXBlIjoicHJvZmlsZV9zZXRfb25jZSIsInRpbWUiOjE3Njg1OTIzNTI1OTksIl90cmFja19pZCI6ODcyNTgyNTk5LCJfZmx1c2hfdGltZSI6MTc2ODU5MjM1MjU5OX0%3D&ext=crc%3D-431849008
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-58-139.compute-1.amazonaws.com
Software: Sws /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
access-control-allow-origin: *
content-length: 43
date: Fri, 16 Jan 2026 19:39:13 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: Sws

GET
H2 200 getIp Show response
api.dreame.com/api/ 130 B
564 B 1215ms
617ms XHR
application/json 3.212.239.207
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://api.dreame.com/api/getIp
Requested by: Host: assets.dreame.com
URL: https://assets.dreame.com/dreame/file/zepto.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.239.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-239-207.compute-1.amazonaws.com
Software: nginx / PHP/7.4.33
Resource Hash: 22abc03401376cbf5d705014ce395eb880436c74682c2edf2d68178b49a1cc23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Accept: application/json
Referer: https://mkt.zrgnovel.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,PUT
access-control-allow-origin: https://mkt.zrgnovel.com
date: Fri, 16 Jan 2026 19:39:13 GMT
content-type: application/json;charset=utf-8
x-powered-by: PHP/7.4.33
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Bearer-Token, X-Origin-Product, X-App-Language, X-App-OsType, X-App-DeviceId, X-App-DistinctId, X-App-VersionName, X-App-Channel, X-App-Platform, Paypal-Client-Metadata-Id

GET
H2 200 / Show response
api.ipify.org/ 22 B
159 B 293ms
244ms XHR
application/json 104.26.12.205
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: assets.dreame.com
URL: https://assets.dreame.com/dreame/file/zepto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.205 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa07f2a2d3c2be5bdad8c021739bf22f71ee22c83f88f74499367539596dd4d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Accept: application/json
Referer: https://mkt.zrgnovel.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 9bf013dc7c4b5e92-BNE
access-control-allow-origin: *
date: Fri, 16 Jan 2026 19:39:12 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
H2 200 sa.gif
bi.dreame.com/ 43 B
257 B 860ms
339ms Image
image/gif 52.45.58.139
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjODUxYTU0NThkNS0wZWIxMGVkMWI3NjBmZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmM4NTFhNTQ2MmExIn0sImRpc3RpbmN0X2lkIjoiMTliYzg1MWE1NDU4ZDUtMGViMTBlZDFiNzYwZmUtMTM0NjJjNjktMTkyMDAwMC0xOWJjODUxYTU0NjJhMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjIzLjUifSwicHJvcGVydGllcyI6eyIkdGltZXpvbmVfb2Zmc2V0IjotNDgwLCIkc2NyZWVuX2hlaWdodCI6MTIwMCwiJHNjcmVlbl93aWR0aCI6MTYwMCwiJHZpZXdwb3J0X2hlaWdodCI6MTIwMCwiJHZpZXdwb3J0X3dpZHRoIjoxNjAwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjIzLjUiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLku5jotLnlub%2FlkYrmtYHph48iLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi5pyq5Y%2BW5Yiw5YC8X%2BebtOaOpeaJk%2BW8gCIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCIkbGF0ZXN0X3V0bV9zb3VyY2UiOiJmYWNlYm9va19hZHMiLCIkbGF0ZXN0X3V0bV9jYW1wYWlnbiI6Int7Y2FtcGFpZ24ubmFtZX19IiwiY2hhbm5lbCI6ImRyZWFtZXBtaWFuLTE3MyIsInBvcnQiOiJ3ZWIiLCJ3YXBfcGlkIjo5NDI0LCJlbmNvZGVfdHlwZSI6MSwid3JpdGVfc3RhdHVzIjoxLCIkdXJsX3BhdGgiOiJodHRwczovL21rdC56cmdub3ZlbC5jb20vZHJlYW1lL2FkbGFuZGluZy85LzQwNTc0NjQ4MzIvOTQyNC9mYjcwNDc5LzIwMjYxNTE1NDg1NjQ5OSIsIiRpc19maXJzdF9kYXkiOnRydWUsIiR1cmwiOiJodHRwczovL21rdC56cmdub3ZlbC5jb20vZHJlYW1lL2FkbGFuZGluZy85LzQwNTc0NjQ4MzIvOTQyNC9mYjcwNDc5LzIwMjYxNTE1NDg1NjQ5OT91dG1fc291cmNlPWZhY2Vib29rX2FkcyZ1dG1fY2FtcGFpZ249e3tjYW1wYWlnbi5uYW1lfX0mYWZfY19pZD0xMjAyMzc1OTcxNzcxMzA0NTMmYWZfYWRzZXQ9e3thZHNldC5uYW1lfX0mYWZfYWRzZXRfaWQ9MTIwMjM3NTk3MTc3NDIwNDUzJmFmX2FkX2lkPXt7YWQuaWR9fSZhZl9hZD17e2FkLm5hbWV9fSZhZl9jaGFubmVsPXt7c2l0ZV9zb3VyY2VfbmFtZX19JnBsYWNlbWVudD17e3BsYWNlbWVudH19JnB4PTIwNjg1NzkyMTA1NzA0NzkmcmFuZG9tPU1USXdNak0zTlRrM01UYzNNVE13TkRVejE3Njg0NjY5OTI0MDEwNjUiLCIkdGl0bGUiOiJUb28gTGF0ZSBUbyBNaXNzIE1lIHwgRHJlYW1lU2hvcnQifSwiYW5vbnltb3VzX2lkIjoiMTliYzg1MWE1NDU4ZDUtMGViMTBlZDFiNzYwZmUtMTM0NjJjNjktMTkyMDAwMC0xOWJjODUxYTU0NjJhMSIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiY2xpcGJvYXJkQ3JlYXRlIiwidGltZSI6MTc2ODU5MjM1MjY4NCwiX3RyYWNrX2lkIjoyNjQ5MDI2ODUsIl9mbHVzaF90aW1lIjoxNzY4NTkyMzUyNjg1fQ%3D%3D&ext=crc%3D-272872444
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-58-139.compute-1.amazonaws.com
Software: Sws /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
access-control-allow-origin: *
content-length: 43
date: Fri, 16 Jan 2026 19:39:13 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: Sws

POST
H2 200 addAttributionInfo
api.dreameshort.com/ad/ 0
0 1069ms
416ms Ping
application/json 18.234.168.144
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://api.dreameshort.com/ad/addAttributionInfo
Requested by: Host: assets.dreame.com
URL: https://assets.dreame.com/dreame/file/staticLandingCommonScript.1.js?ts=1767628136400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.234.168.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-234-168-144.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://mkt.zrgnovel.com/

Response headers

GET
H2 200 sa.gif
bi.dreame.com/ 43 B
257 B 969ms
614ms Image
image/gif 52.45.58.139
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjODUxYTU0NThkNS0wZWIxMGVkMWI3NjBmZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmM4NTFhNTQ2MmExIn0sImRpc3RpbmN0X2lkIjoiMTliYzg1MWE1NDU4ZDUtMGViMTBlZDFiNzYwZmUtMTM0NjJjNjktMTkyMDAwMC0xOWJjODUxYTU0NjJhMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjIzLjUifSwicHJvcGVydGllcyI6eyJ3YXBfYW5vbnltb3VzX2lkIjoiMzcyYzBjZDljNDJiZjU4MmIyOGIzMzY1ZDkyYWRmMzAifSwiYW5vbnltb3VzX2lkIjoiMTliYzg1MWE1NDU4ZDUtMGViMTBlZDFiNzYwZmUtMTM0NjJjNjktMTkyMDAwMC0xOWJjODUxYTU0NjJhMSIsInR5cGUiOiJwcm9maWxlX3NldF9vbmNlIiwidGltZSI6MTc2ODU5MjM1Mjg1NCwiX3RyYWNrX2lkIjo1NDQyMDI4NTQsIl9mbHVzaF90aW1lIjoxNzY4NTkyMzUyODU0fQ%3D%3D&ext=crc%3D-870463710
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-58-139.compute-1.amazonaws.com
Software: Sws /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
access-control-allow-origin: *
content-length: 43
date: Fri, 16 Jan 2026 19:39:13 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: Sws

GET
H2 200 sa.gif
bi.dreame.com/ 43 B
257 B 584ms
339ms Image
image/gif 52.45.58.139
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjODUxYTU0NThkNS0wZWIxMGVkMWI3NjBmZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmM4NTFhNTQ2MmExIn0sImRpc3RpbmN0X2lkIjoiMTliYzg1MWE1NDU4ZDUtMGViMTBlZDFiNzYwZmUtMTM0NjJjNjktMTkyMDAwMC0xOWJjODUxYTU0NjJhMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjIzLjUifSwicHJvcGVydGllcyI6eyIkdGltZXpvbmVfb2Zmc2V0IjotNDgwLCIkc2NyZWVuX2hlaWdodCI6MTIwMCwiJHNjcmVlbl93aWR0aCI6MTYwMCwiJHZpZXdwb3J0X2hlaWdodCI6MTIwMCwiJHZpZXdwb3J0X3dpZHRoIjoxNjAwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjIzLjUiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLku5jotLnlub%2FlkYrmtYHph48iLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi5pyq5Y%2BW5Yiw5YC8X%2BebtOaOpeaJk%2BW8gCIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCIkbGF0ZXN0X3V0bV9zb3VyY2UiOiJmYWNlYm9va19hZHMiLCIkbGF0ZXN0X3V0bV9jYW1wYWlnbiI6Int7Y2FtcGFpZ24ubmFtZX19IiwiY2hhbm5lbCI6ImRyZWFtZXBtaWFuLTE3MyIsInBvcnQiOiJ3ZWIiLCJ3YXBfcGlkIjo5NDI0LCJ3aW5kb3dfYW5vbnltb3VzX2lkIjoiMzcyYzBjZDljNDJiZjU4MmIyOGIzMzY1ZDkyYWRmMzAiLCJwcm9ncmVzc1JhdGlvIjowLCJjaGFwdGVyX2lkIjowLCJwYWdlX2luZGV4IjowLCIkaXNfZmlyc3RfZGF5Ijp0cnVlLCIkdXJsIjoiaHR0cHM6Ly9ta3QuenJnbm92ZWwuY29tL2RyZWFtZS9hZGxhbmRpbmcvOS80MDU3NDY0ODMyLzk0MjQvZmI3MDQ3OS8yMDI2MTUxNTQ4NTY0OTk%2FdXRtX3NvdXJjZT1mYWNlYm9va19hZHMmdXRtX2NhbXBhaWduPXt7Y2FtcGFpZ24ubmFtZX19JmFmX2NfaWQ9MTIwMjM3NTk3MTc3MTMwNDUzJmFmX2Fkc2V0PXt7YWRzZXQubmFtZX19JmFmX2Fkc2V0X2lkPTEyMDIzNzU5NzE3NzQyMDQ1MyZhZl9hZF9pZD17e2FkLmlkfX0mYWZfYWQ9e3thZC5uYW1lfX0mYWZfY2hhbm5lbD17e3NpdGVfc291cmNlX25hbWV9fSZwbGFjZW1lbnQ9e3twbGFjZW1lbnR9fSZweD0yMDY4NTc5MjEwNTcwNDc5JnJhbmRvbT1NVEl3TWpNM05UazNNVGMzTVRNd05EVXoxNzY4NDY2OTkyNDAxMDY1IiwiJHRpdGxlIjoiVG9vIExhdGUgVG8gTWlzcyBNZSB8IERyZWFtZVNob3J0In0sImFub255bW91c19pZCI6IjE5YmM4NTFhNTQ1OGQ1LTBlYjEwZWQxYjc2MGZlLTEzNDYyYzY5LTE5MjAwMDAtMTliYzg1MWE1NDYyYTEiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6InBhZ2Vfdmlld19zbGlkZSIsInRpbWUiOjE3Njg1OTIzNTI5NjMsIl90cmFja19pZCI6NDI4NDcyOTY0LCJfZmx1c2hfdGltZSI6MTc2ODU5MjM1Mjk2NH0%3D&ext=crc%3D1868817223
Requested by: Host: mkt.zrgnovel.com
URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-58-139.compute-1.amazonaws.com
Software: Sws /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
access-control-allow-origin: *
content-length: 43
date: Fri, 16 Jan 2026 19:39:13 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: Sws

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/stary-web-page/ 0
0 292ms
132ms Preflight
text/html 142.250.195.106
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/stary-web-page/installations

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

142.250.195.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzsyda-ad-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://mkt.zrgnovel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://mkt.zrgnovel.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 16 Jan 2026 19:39:14 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/stary-web-page/ 625 B
671 B 833ms
830ms Fetch
application/json 142.250.195.106
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/stary-web-page/installations

Requested by

Host: assets.dreame.com
URL: https://assets.dreame.com/dreame/file/staticLandingCommonScript.1.js?ts=1767628136400

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

142.250.195.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzsyda-ad-in-f10.1e100.net

Software

ESF /

Resource Hash

a0bb77d2bcc455c6025993e15fd0c52e34e56c2bb91b9f14610d69c265508a17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjEzLjEgZmlyZS1jb3JlLWVzbTIwMTcvMC4xMy4xIGZpcmUtanMvIGZpcmUtanMtYWxsLWFwcC8xMS45LjEgZmlyZS1paWQvMC42LjE3IGZpcmUtaWlkLWVzbTIwMTcvMC42LjE3IGZpcmUtcGVyZi8wLjcuNiBmaXJlLXBlcmYtZXNtMjAxNy8wLjcuNiIsImRhdGVzIjpbIjIwMjYtMDEtMTYiXX1dfQ
x-goog-api-key: AIzaSyCa5h90UFcwx9JG3Qq-JyvGejQB1nGEotQ
Referer: https://mkt.zrgnovel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
accept: application/json
content-type: application/json

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://mkt.zrgnovel.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 488
date: Fri, 16 Jan 2026 19:39:14 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 450bed6e206f7ed88e57deb9c09761aa.ico
assets.dreame.com/dreame/file/ 2 KB
3 KB 25ms
25ms Other
image/x-icon 18.67.93.32
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://assets.dreame.com/dreame/file/450bed6e206f7ed88e57deb9c09761aa.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-32.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d781981162cece64bde9113807889b10338e408a2b9a0eece4eca08371aed033

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

cache-control: max-age=15552000
x-amz-version-id: G.yCrz3qPS6wvRx5E0fF9qLDEAdhqwBJ
etag: "b33a0a1ee02ff392706a84f406abfb6a"
age: 3156877
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2370
x-amz-cf-id: 7bumJVL3A_pFob-hxKre0iRtT-0HItKD4EB8fQg9eVuLLxTIxEoi3w==
date: Thu, 11 Dec 2025 06:44:37 GMT
content-type: image/x-icon
last-modified: Mon, 08 Apr 2024 06:29:47 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256

GET
H3 200 2068579210570479 Show response
connect.facebook.net/signals/config/ 147 KB
35 KB 26ms
26ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/2068579210570479?v=2.9.249&r=stable&domain=mkt.zrgnovel.com&hme=55aefe1c49be5a19d8e824ed1e4d1aa19c2218c89fb7f12848983e28aeeccbb5&ex_m=93%2C155%2C133%2C20%2C66%2C67%2C126%2C62%2C42%2C127%2C71%2C61%2C10%2C140%2C79%2C15%2C92%2C121%2C114%2C69%2C72%2C120%2C137%2C101%2C142%2C7%2C3%2C4%2C6%2C5%2C2%2C80%2C90%2C143%2C222%2C166%2C56%2C224%2C225%2C49%2C181%2C27%2C68%2C230%2C229%2C169%2C29%2C55%2C9%2C58%2C86%2C87%2C88%2C94%2C117%2C28%2C26%2C119%2C116%2C115%2C134%2C70%2C136%2C135%2C44%2C54%2C110%2C14%2C139%2C39%2C211%2C213%2C176%2C23%2C24%2C25%2C17%2C18%2C38%2C34%2C36%2C35%2C75%2C81%2C85%2C99%2C125%2C128%2C40%2C100%2C21%2C19%2C106%2C63%2C32%2C130%2C129%2C131%2C122%2C22%2C31%2C53%2C98%2C138%2C64%2C16%2C132%2C103%2C30%2C191%2C162%2C281%2C209%2C153%2C194%2C187%2C163%2C96%2C118%2C74%2C108%2C48%2C43%2C102%2C41%2C107%2C113%2C52%2C59%2C112%2C47%2C50%2C46%2C89%2C141%2C0%2C111%2C13%2C109%2C11%2C1%2C51%2C82%2C57%2C60%2C105%2C78%2C77%2C144%2C145%2C83%2C84%2C8%2C91%2C45%2C123%2C76%2C73%2C65%2C104%2C95%2C37%2C124%2C33%2C97%2C12%2C146

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

4e6a069fbef82771bd3c49c4dd3bf79f29d5d68613a85a7348c03cecd9a28a1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src 'nonce-wSbCUD3u' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 16 Jan 2026 19:39:13 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src 'nonce-wSbCUD3u' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=99, mss=1232, tbw=103034, tp=93, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: e13/4bxTzX2jv0h6uar5pc+lwvXRLB8EYMUUCFtqt9TCX9nMrrX3L2QcwnQJynSxFur3jFIrIsNeZO3lelWuYg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
content-length: 35550
x-xss-protection: 0
origin-agent-cluster: ?1

GET dreameshort://af?af_js_web=true&is_retargeting=true&deep_link_value=dreameshort%3A%2F%2Fdreameshort.com%2Fplayer%3FbookId%3D1375%26jumpType%3D2001%26source%3DdeepLinks%26testGroup%3DBOTTOM_PLAY%26dubType%3Ddefvid&af_sub3=2068579210570479&ldy_ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F144.0.0.0+Safari%2F537.36&deep_link_sub1=media_source%253Dfacebook_ads%2526campaign%253D%25257B%25257Bcampaign.name%25257D%25257D%2526af_adset%253D%25257B%25257Badset.name%25257D%25257D%2526af_sub1%253D%2526af_sub2%253Dundefined%2526af_sub3%253D2068579210570479%2526af_sub4%253Dundefined&s2s=true&ldy_type=landing&cts=1768592352&product=56&timezone=Australia%2FPerth&af_c_id=120237597177130453&af_adset=%7B%7Badset.name%7D%7D&af_adset_id=120237597177420453&af_ad_id=%7B%7Bad.id%7D%7D&af_ad=%7B%7Bad.name%7D%7D&af_channel=%7B%7Bsite_source_name%7D%7D&placement=%7B%7Bplacement%7D%7D&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065&lp_url=https%3A%2F%2Fmkt.zrgnovel.com%2Fdreame%2Fadlanding%2F9%2F4057464832%2F9424%2Ffb70479%2F202615154856499&media_source=facebook_ads&campaign=%7B%7Bcampaign.name%7D%7D
dreameshort://af?af_js_web=true&is_retargeting=true&deep_link_value=dreameshort%3A%2F%2Fdreameshort.com%2Fplayer%3FbookId%3D1375%26jumpType%3D2001%26source%3DdeepLinks%26testGroup%3DBOTTOM_PLAY%26dubType%3Ddefvid&af_sub3=2068579210570479&ldy_ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F144.0.0.0+Safari%2F537.36&deep_link_sub1=media_source%253Dfacebook_ads%2526campaign%253D%25257B%25257Bcampaign.name%25257D%25257D%2526af_adset%253D%25257B%25257Badset.name%25257D%25257D%2526af_sub1%253D%2526af_sub2%253Dundefined%2526af_sub3%253D2068579210570479%2526af_sub4%253Dundefined&s2s=true&ldy_type=landing&cts=1768592352&product=56&timezone=Australia%2FPerth&af_c_id=120237597177130453&af_adset=%7B%7Badset.name%7D%7D&af_adset_id=120237597177420453&af_ad_id=%7B%7Bad.id%7D%7D&af_ad=%7B%7Bad.name%7D%7D&af_channel=%7B%7Bsite_source_name%7D%7D&placement=%7B%7Bplacement%7D%7D&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065&lp_url=https%3A%2F%2Fmkt.zrgnovel.com%2Fdreame%2Fadlanding%2F9%2F4057464832%2F9424%2Ffb70479%2F202615154856499&media_source=facebook_ads&campaign=%7B%7Bcampaign.name%7D%7D 0
0

GET
H2 200 sa.gif
bi.dreame.com/ 43 B
257 B 441ms
441ms Image
image/gif 52.45.58.139
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjODUxYTU0NThkNS0wZWIxMGVkMWI3NjBmZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmM4NTFhNTQ2MmExIn0sImRpc3RpbmN0X2lkIjoiMTliYzg1MWE1NDU4ZDUtMGViMTBlZDFiNzYwZmUtMTM0NjJjNjktMTkyMDAwMC0xOWJjODUxYTU0NjJhMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjIzLjUifSwicHJvcGVydGllcyI6eyIkdGltZXpvbmVfb2Zmc2V0IjotNDgwLCIkc2NyZWVuX2hlaWdodCI6MTIwMCwiJHNjcmVlbl93aWR0aCI6MTYwMCwiJHZpZXdwb3J0X2hlaWdodCI6MTIwMCwiJHZpZXdwb3J0X3dpZHRoIjoxNjAwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjIzLjUiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLku5jotLnlub%2FlkYrmtYHph48iLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi5pyq5Y%2BW5Yiw5YC8X%2BebtOaOpeaJk%2BW8gCIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCIkbGF0ZXN0X3V0bV9zb3VyY2UiOiJmYWNlYm9va19hZHMiLCIkbGF0ZXN0X3V0bV9jYW1wYWlnbiI6Int7Y2FtcGFpZ24ubmFtZX19IiwiY2hhbm5lbCI6ImRyZWFtZXBtaWFuLTE3MyIsInBvcnQiOiJ3ZWIiLCJ3YXBfcGlkIjo5NDI0LCJ3aW5kb3dfYW5vbnltb3VzX2lkIjoiMzcyYzBjZDljNDJiZjU4MmIyOGIzMzY1ZDkyYWRmMzAiLCIkdGl0bGUiOiJUb28gTGF0ZSBUbyBNaXNzIE1lIHwgRHJlYW1lU2hvcnQiLCIkdXJsIjoiaHR0cHM6Ly9ta3QuenJnbm92ZWwuY29tL2RyZWFtZS9hZGxhbmRpbmcvOS80MDU3NDY0ODMyLzk0MjQvZmI3MDQ3OS8yMDI2MTUxNTQ4NTY0OTk%2FdXRtX3NvdXJjZT1mYWNlYm9va19hZHMmdXRtX2NhbXBhaWduPXt7Y2FtcGFpZ24ubmFtZX19JmFmX2NfaWQ9MTIwMjM3NTk3MTc3MTMwNDUzJmFmX2Fkc2V0PXt7YWRzZXQubmFtZX19JmFmX2Fkc2V0X2lkPTEyMDIzNzU5NzE3NzQyMDQ1MyZhZl9hZF9pZD17e2FkLmlkfX0mYWZfYWQ9e3thZC5uYW1lfX0mYWZfY2hhbm5lbD17e3NpdGVfc291cmNlX25hbWV9fSZwbGFjZW1lbnQ9e3twbGFjZW1lbnR9fSZweD0yMDY4NTc5MjEwNTcwNDc5JnJhbmRvbT1NVEl3TWpNM05UazNNVGMzTVRNd05EVXoxNzY4NDY2OTkyNDAxMDY1IiwiJHVybF9wYXRoIjoiL2RyZWFtZS9hZGxhbmRpbmcvOS80MDU3NDY0ODMyLzk0MjQvZmI3MDQ3OS8yMDI2MTUxNTQ4NTY0OTkiLCIkcmVmZXJyZXJfaG9zdCI6IiIsIiRyZWZlcnJlciI6IiIsIiR2aWV3cG9ydF9wb3NpdGlvbiI6MCwiZXZlbnRfZHVyYXRpb24iOjAuMDgyLCIkaXNfZmlyc3RfZGF5Ijp0cnVlfSwiYW5vbnltb3VzX2lkIjoiMTliYzg1MWE1NDU4ZDUtMGViMTBlZDFiNzYwZmUtMTM0NjJjNjktMTkyMDAwMC0xOWJjODUxYTU0NjJhMSIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiJFdlYlBhZ2VMZWF2ZSIsInRpbWUiOjE3Njg1OTIzNTM5MDgsIl90cmFja19pZCI6MjYxODYzOTA5LCJfZmx1c2hfdGltZSI6MTc2ODU5MjM1MzkwOX0%3D&ext=crc%3D-25597286
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-58-139.compute-1.amazonaws.com
Software: Sws /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
access-control-allow-origin: *
content-length: 43
date: Fri, 16 Jan 2026 19:39:14 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: Sws

GET
H3 200 /
www.facebook.com/privacy_sandbox/topics/registration/ 67 B
0 400ms
368ms Fetch
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/privacy_sandbox/topics/registration/?id=2068579210570479

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/2068579210570479?v=2.9.249&r=stable&domain=mkt.zrgnovel.com&hme=55aefe1c49be5a19d8e824ed1e4d1aa19c2218c89fb7f12848983e28aeeccbb5&ex_m=93%2C155%2C133%2C20%2C66%2C67%2C126%2C62%2C42%2C127%2C71%2C61%2C10%2C140%2C79%2C15%2C92%2C121%2C114%2C69%2C72%2C120%2C137%2C101%2C142%2C7%2C3%2C4%2C6%2C5%2C2%2C80%2C90%2C143%2C222%2C166%2C56%2C224%2C225%2C49%2C181%2C27%2C68%2C230%2C229%2C169%2C29%2C55%2C9%2C58%2C86%2C87%2C88%2C94%2C117%2C28%2C26%2C119%2C116%2C115%2C134%2C70%2C136%2C135%2C44%2C54%2C110%2C14%2C139%2C39%2C211%2C213%2C176%2C23%2C24%2C25%2C17%2C18%2C38%2C34%2C36%2C35%2C75%2C81%2C85%2C99%2C125%2C128%2C40%2C100%2C21%2C19%2C106%2C63%2C32%2C130%2C129%2C131%2C122%2C22%2C31%2C53%2C98%2C138%2C64%2C16%2C132%2C103%2C30%2C191%2C162%2C281%2C209%2C153%2C194%2C187%2C163%2C96%2C118%2C74%2C108%2C48%2C43%2C102%2C41%2C107%2C113%2C52%2C59%2C112%2C47%2C50%2C46%2C89%2C141%2C0%2C111%2C13%2C109%2C11%2C1%2C51%2C82%2C57%2C60%2C105%2C78%2C77%2C144%2C145%2C83%2C84%2C8%2C91%2C45%2C123%2C76%2C73%2C65%2C104%2C95%2C37%2C124%2C33%2C97%2C12%2C146

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-jZxkk2VX' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com .instagram.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com .accounts.meta.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

access-control-expose-headers: X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7596046322491793243&cpp=C2&cv=1032104740&st=1768592354244"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
observe-browsing-topics: ?1
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods: OPTIONS
alt-svc: h3=":443"; ma=86400
date: Fri, 16 Jan 2026 19:39:14 GMT
content-type: image/png
vary: Origin, Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=1,i
x-fb-debug: sTHpKp8DCM6C8hgkVWXN/QOG1uCiQ7WQ1cbzIhezl+NP7h2snoQeazoKz0usIFzmq9JIbn5Fnx0GQ+8XaDpdLg==
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7596046322491793243&cpp=C2&cv=1032104740&st=1768592354244", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-jZxkk2VX' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *.instagram.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=24, mss=1232, tbw=4982, tp=9, tpl=0, uplat=342, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self "https://www.fbsbx.com"), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin: *
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 eventPush
api.dreame.com/api/ 32 B
477 B 1167ms
572ms Ping
text/html 3.212.239.207
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://api.dreame.com/api/eventPush
Requested by: Host: assets.dreame.com
URL: https://assets.dreame.com/dreame/file/staticLandingCommonScript.1.js?ts=1767628136400
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.239.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-239-207.compute-1.amazonaws.com
Software: nginx / PHP/7.4.33
Resource Hash: a3ca9511084802f73ba055cd1475adbb89e8a147382d93b03fc0ab98063de03d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://mkt.zrgnovel.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,PUT
access-control-allow-origin: https://mkt.zrgnovel.com
date: Fri, 16 Jan 2026 19:39:15 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Bearer-Token, X-Origin-Product, X-App-Language, X-App-OsType, X-App-DeviceId, X-App-DistinctId, X-App-VersionName, X-App-Channel, X-App-Platform, Paypal-Client-Metadata-Id

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 58ms
27ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2068579210570479&ev=PageView&dl=https%3A%2F%2Fmkt.zrgnovel.com%2Fdreame%2Fadlanding%2F9%2F4057464832%2F9424%2Ffb70479%2F202615154856499%3Futm_source%3Dfacebook_ads%26utm_campaign%3D%7B%7Bcampaign.name%7D%7D%26af_c_id%3D120237597177130453%26af_adset%3D%7B%7Badset.name%7D%7D%26af_adset_id%3D120237597177420453%26af_ad_id%3D%7B%7Bad.id%7D%7D%26af_ad%3D%7B%7Bad.name%7D%7D%26af_channel%3D%7B%7Bsite_source_name%7D%7D%26placement%3D%7B%7Bplacement%7D%7D%26px%3D2068579210570479%26random%3DMTIwMjM3NTk3MTc3MTMwNDUz1768466992401065&rl=&if=false&ts=1768592354018&sw=1600&sh=1200&cud[external_id]=%23%23%23*%23**%23*%23%23**%23%23%23*%23%23*%23%23%23%23*%23%23***%23%23&ncud[external_id]=%23%23%23*%23**%23*%23%23**%23%23%23*%23%23*%23%23%23%23*%23%23***%23%23&ud[external_id]=372c0cd9c42bf582b28b3365d92adf30&aud[external_id]=372c0cd9c42bf582b28b3365d92adf30&v=2.9.249&r=stable&ec=0&o=4126&fbp=fb.1.1768592354010.652805714736866884&ler=empty&cdl=API_unavailable&pmd[title]=Too%20Late%20To%20Miss%20Me%20%7C%20DreameShort&pmd[description]=A%20wonderland%20for%20all%20kinds%20of%20book%20lovers%3B%20Embrace%20a%20whole%20new%20world%20of%20gripping%20stories.&plt=781.7999992370605&it=1768592353903&coo=false&expv2[0]=pl1&expv2[1]=el2&expv2[2]=bc1&expv2[3]=mr2&expv2[4]=ct2&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4760, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 16 Jan 2026 19:39:14 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 555ms
524ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2068579210570479&ev=PageView&dl=https%3A%2F%2Fmkt.zrgnovel.com%2Fdreame%2Fadlanding%2F9%2F4057464832%2F9424%2Ffb70479%2F202615154856499%3Futm_source%3Dfacebook_ads%26utm_campaign%3D%7B%7Bcampaign.name%7D%7D%26af_c_id%3D120237597177130453%26af_adset%3D%7B%7Badset.name%7D%7D%26af_adset_id%3D120237597177420453%26af_ad_id%3D%7B%7Bad.id%7D%7D%26af_ad%3D%7B%7Bad.name%7D%7D%26af_channel%3D%7B%7Bsite_source_name%7D%7D%26placement%3D%7B%7Bplacement%7D%7D%26px%3D2068579210570479%26random%3DMTIwMjM3NTk3MTc3MTMwNDUz1768466992401065&rl=&if=false&ts=1768592354018&sw=1600&sh=1200&cud[external_id]=%23%23%23*%23**%23*%23%23**%23%23%23*%23%23*%23%23%23%23*%23%23***%23%23&ncud[external_id]=%23%23%23*%23**%23*%23%23**%23%23%23*%23%23*%23%23%23%23*%23%23***%23%23&ud[external_id]=372c0cd9c42bf582b28b3365d92adf30&aud[external_id]=372c0cd9c42bf582b28b3365d92adf30&v=2.9.249&r=stable&ec=0&o=4126&fbp=fb.1.1768592354010.652805714736866884&ler=empty&cdl=API_unavailable&pmd[title]=Too%20Late%20To%20Miss%20Me%20%7C%20DreameShort&pmd[description]=A%20wonderland%20for%20all%20kinds%20of%20book%20lovers%3B%20Embrace%20a%20whole%20new%20world%20of%20gripping%20stories.&plt=781.7999992370605&it=1768592353903&coo=false&expv2[0]=pl1&expv2[1]=el2&expv2[2]=bc1&expv2[3]=mr2&expv2[4]=ct2&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-yd3bN3Sr' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com .instagram.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com .accounts.meta.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer: https://mkt.zrgnovel.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7596046322467350731&cpp=C2&cv=1032104740&st=1768592354215"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 16 Jan 2026 19:39:14 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: uawsoEQYa+aD7GApuAAjO6qS5ypKCcJioB2ZlAE+ZnbVz4QKv+kivlegSN+qhd4r8I+2e9VjhKjctw7YQmMnHw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7596046322467350731&cpp=C2&cv=1032104740&st=1768592354215", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-yd3bN3Sr' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *.instagram.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=24, mss=1232, tbw=5400, tp=13, tpl=0, uplat=498, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self "https://www.fbsbx.com"), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
x-xss-protection: 0
origin-agent-cluster: ?1

OPTIONS
H2 204 eventPush
api.dreame.com/api/ 0
0 375ms
373ms Preflight 3.212.239.207
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://api.dreame.com/api/eventPush
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.239.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-239-207.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mkt.zrgnovel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Bearer-Token, X-Origin-Product, X-App-Language, X-App-OsType, X-App-DeviceId, X-App-DistinctId, X-App-VersionName, X-App-Channel, X-App-Platform, Paypal-Client-Metadata-Id
access-control-allow-methods: POST,GET,PUT
access-control-allow-origin: https://mkt.zrgnovel.com
date: Fri, 16 Jan 2026 19:39:14 GMT
server: nginx

POST
H3 200 fireperf:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/stary-web-page/namespaces/ 1 KB
499 B 173ms
172ms Fetch
application/json 142.250.195.106
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/stary-web-page/namespaces/fireperf:fetch?key=AIzaSyCa5h90UFcwx9JG3Qq-JyvGejQB1nGEotQ

Requested by

Host: assets.dreame.com
URL: https://assets.dreame.com/dreame/file/staticLandingCommonScript.1.js?ts=1767628136400

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzsyda-ad-in-f10.1e100.net

Software

ESF /

Resource Hash

bbad072ecee59170301b5914416b90047a06744c259c0ab0b92e17bf90c2d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Authorization: FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6MjQ5MjU2MjAyNzY0OndlYjoyYzk5NmYwZDk5ZjNmOTdiZDA1NDI5IiwiZXhwIjoxNzY5MTk3MTU0LCJmaWQiOiJkRW96RkpBQjB4S05jdjVtYXlrdl9KIiwicHJvamVjdE51bWJlciI6MjQ5MjU2MjAyNzY0fQ.AB2LPV8wRQIhAOP63pnonSdAhne4GtscIcLNCKxh-ba_Hbs74KGfg2ACAiBh7a09voIHOgscR6jYWMgDIhwbzE280gUNo8TRRzbLCg
Referer: https://mkt.zrgnovel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
etag: etag-stary-web-page-fireperf-fetch-897541966
x-content-type-options: nosniff
access-control-allow-origin: https://mkt.zrgnovel.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476
date: Fri, 16 Jan 2026 19:39:15 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/stary-web-page/namespaces/ 0
0 168ms
162ms Preflight
text/html 142.250.195.106
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/stary-web-page/namespaces/fireperf:fetch?key=AIzaSyCa5h90UFcwx9JG3Qq-JyvGejQB1nGEotQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

142.250.195.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzsyda-ad-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://mkt.zrgnovel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://mkt.zrgnovel.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 16 Jan 2026 19:39:15 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
firebaselogging-pa.googleapis.com/v1/firelog/legacy/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: af
URL: dreameshort://af?af_js_web=true&is_retargeting=true&deep_link_value=dreameshort%3A%2F%2Fdreameshort.com%2Fplayer%3FbookId%3D1375%26jumpType%3D2001%26source%3DdeepLinks%26testGroup%3DBOTTOM_PLAY%26dubType%3Ddefvid&af_sub3=2068579210570479&ldy_ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F144.0.0.0+Safari%2F537.36&deep_link_sub1=media_source%253Dfacebook_ads%2526campaign%253D%25257B%25257Bcampaign.name%25257D%25257D%2526af_adset%253D%25257B%25257Badset.name%25257D%25257D%2526af_sub1%253D%2526af_sub2%253Dundefined%2526af_sub3%253D2068579210570479%2526af_sub4%253Dundefined&s2s=true&ldy_type=landing&cts=1768592352&product=56&timezone=Australia%2FPerth&af_c_id=120237597177130453&af_adset=%7B%7Badset.name%7D%7D&af_adset_id=120237597177420453&af_ad_id=%7B%7Bad.id%7D%7D&af_ad=%7B%7Bad.name%7D%7D&af_channel=%7B%7Bsite_source_name%7D%7D&placement=%7B%7Bplacement%7D%7D&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065&lp_url=https%3A%2F%2Fmkt.zrgnovel.com%2Fdreame%2Fadlanding%2F9%2F4057464832%2F9424%2Ffb70479%2F202615154856499&media_source=facebook_ads&campaign=%7B%7Bcampaign.name%7D%7D

Domain: firebaselogging-pa.googleapis.com
URL: https://firebaselogging-pa.googleapis.com/v1/firelog/legacy/log?key=AIzaSyCx80ru6-RXeTi3GvqkFsMVyMf-vpgIoVw

Verdicts & Comments Add Verdict or Comment

376 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zrgnovel.com/	1970-01-21 11:17:45	Name: sajssdk_2015_cross_new_user Value: 1
.zrgnovel.com/	1970-01-21 20:52:32	Name: sensorsdata2015jssdkcross Value: %7B%22distinct_id%22%3A%2219bc851a5458d5-0eb10ed1b760fe-13462c69-1920000-19bc851a5462a1%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22%E4%BB%98%E8%B4%B9%E5%B9%BF%E5%91%8A%E6%B5%81%E9%87%8F%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%2C%22%24latest_utm_source%22%3A%22facebook_ads%22%2C%22%24latest_utm_campaign%22%3A%22%7B%7Bcampaign.name%7D%7D%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTliYzg1MWE1NDU4ZDUtMGViMTBlZDFiNzYwZmUtMTM0NjJjNjktMTkyMDAwMC0xOWJjODUxYTU0NjJhMSJ9%22%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2219bc851a5458d5-0eb10ed1b760fe-13462c69-1920000-19bc851a5462a1%22%7D
.zrgnovel.com/	1970-01-21 13:26:08	Name: _fbp Value: fb.1.1768592354010.652805714736866884

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0203F0044170000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A0111044170000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
other	error	URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237597177130453&af_adset={{adset.name}}&af_adset_id=120237597177420453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065 Message: Not allowed to launch 'dreameshort://af?af_js_web=true&is_retargeting=true&deep_link_value=dreameshort%3A%2F%2Fdreameshort.com%2Fplayer%3FbookId%3D1375%26jumpType%3D2001%26source%3DdeepLinks%26testGroup%3DBOTTOM_PLAY%26dubType%3Ddefvid&af_sub3=2068579210570479&ldy_ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F144.0.0.0+Safari%2F537.36&deep_link_sub1=media_source%253Dfacebook_ads%2526campaign%253D%25257B%25257Bcampaign.name%25257D%25257D%2526af_adset%253D%25257B%25257Badset.name%25257D%25257D%2526af_sub1%253D%2526af_sub2%253Dundefined%2526af_sub3%253D2068579210570479%2526af_sub4%253Dundefined&s2s=true&ldy_type=landing&cts=1768592352&product=56&timezone=Australia%2FPerth&af_c_id=120237597177130453&af_adset=%7B%7Badset.name%7D%7D&af_adset_id=120237597177420453&af_ad_id=%7B%7Bad.id%7D%7D&af_ad=%7B%7Bad.name%7D%7D&af_channel=%7B%7Bsite_source_name%7D%7D&placement=%7B%7Bplacement%7D%7D&px=2068579210570479&random=MTIwMjM3NTk3MTc3MTMwNDUz1768466992401065&lp_url=https%3A%2F%2Fmkt.zrgnovel.com%2Fdreame%2Fadlanding%2F9%2F4057464832%2F9424%2Ffb70479%2F202615154856499&media_source=facebook_ads&campaign=%7B%7Bcampaign.name%7D%7D' because a user gesture is required.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

af
api.dreame.com
api.dreameshort.com
api.ipify.org
assets.dreame.com
bi.dreame.com
connect.facebook.net
files.dreame.com
firebaseinstallations.googleapis.com
firebaselogging-pa.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
mkt.zrgnovel.com
www.facebook.com
af
firebaselogging-pa.googleapis.com
104.26.12.205
108.158.32.50
142.250.195.106
142.251.222.234
157.240.8.23
157.240.8.35
18.234.168.144
18.67.93.32
3.175.115.14
3.212.239.207
52.45.58.139
148306aed6de396f7c0f55e84b1bf339bc6750957df3622e9e1c8d3890bee87d
18309845a9fadd4a99179e9565edeae2299f6292ed5b7bcdff6a6e70108ac7af
1b8b7b856129f0fc8ad7056c7d5382afb460779d913b450818f1b7418d926106
1f52881689e334487ba62f2e43a136956bde08dba4a5c273d1f8c53b677d4941
22abc03401376cbf5d705014ce395eb880436c74682c2edf2d68178b49a1cc23
3dbe3027c278453a1c66cbfaa4f381ea988f9d9507630172a9b22d6375b6f60a
4e6a069fbef82771bd3c49c4dd3bf79f29d5d68613a85a7348c03cecd9a28a1a
5a4ce9720e3a1bceae6e699ccba89f9f002ece6b563758092d144cdf4d0928f4
9b2f1a58069399538cb3fe9023af4b9d97ba7f786f2486d1de90e8253d256106
9cfb24b23deee5996ddcd119382a13a4ffd2a5f4b279551b708b268f8c1a149d
a0bb77d2bcc455c6025993e15fd0c52e34e56c2bb91b9f14610d69c265508a17
a3ca9511084802f73ba055cd1475adbb89e8a147382d93b03fc0ab98063de03d
a51dd6c0aad2614be9cfc34a834d9a714e7f9b5f8ab85744c5e9cfba2a7e9492
aa07f2a2d3c2be5bdad8c021739bf22f71ee22c83f88f74499367539596dd4d5
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aba1c661f779008053541d47298d85870091c2ca55a9cd0eb4cded99da3e8f31
b0d9f38c915a5d76084ed9745ac7a4bac7795129d45e00a86bfbbba9ff4eb4d7
b143514474aea2e655076a5e42d5705c5ff023617ae11cd1cd2da1d7d3887b4d
bbad072ecee59170301b5914416b90047a06744c259c0ab0b92e17bf90c2d85d
beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d781981162cece64bde9113807889b10338e408a2b9a0eece4eca08371aed033
d8314600fbe84906e5c35976ad5587f09d0ecf9d438c10444f8050890cbeebe2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8729af8ff61091c92df7db67bad99277dfc4221b7e2b7f59d9e7168e19cd1e2

mkt.zrgnovel.com 108.158.32.50 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

94 %HTTPS

0 %IPv6

8 Domains

14 Subdomains

12 IPs

3 Countries

467 kBTransfer

1375 kBSize

3 Cookies

0 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mkt.zrgnovel.com
108.158.32.50 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

35
Requests

94 %
HTTPS

0 %
IPv6

8
Domains

14
Subdomains

12
IPs

3
Countries

467 kB
Transfer

1375 kB
Size

3
Cookies

35 HTTP transactions
4 data transactions