mkt.zrgnovel.com
108.158.32.50  Public Scan Open in urlscan Pro

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 202615154856499 Show response mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/	48 KB 31 KB	42ms 5ms	Document text/html	108.158.32.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.158.32.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-158-32-50.syd3.r.cloudfront.net Software AmazonS3 / Resource Hash 148306aed6de396f7c0f55e84b1bf339bc6750957df3622e9e1c8d3890bee87d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Response headers age 1044748 cache-control max-age=15552000 content-encoding gzip content-type text/html date Mon, 05 Jan 2026 18:01:57 GMT etag W/"a5eb342a018b3cc6d26b4c03775929d6" last-modified Mon, 05 Jan 2026 15:48:57 GMT server AmazonS3 vary accept-encoding via 1.1 14ad4e3e12857f3153259ccd2089a180.cloudfront.net (CloudFront) x-amz-cf-id SOL_7JVfkHVS-RX7j3ievIBGrO_F0idJaFaHiuLV4Y1wWkJuhZxR0Q== x-amz-cf-pop SYD3-P2 x-amz-server-side-encryption AES256 x-amz-version-id PL_IpdSqc.97aQWZFooX_UkZnTP49Yo7 x-cache Hit from cloudfront
GET H2	200	css2 fonts.googleapis.com/	4 KB 1 KB	205ms 106ms	Stylesheet text/css	142.250.195.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,200..1000;1,200..1000&display=swap Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 142.250.195.170 , United States, ASN15169 (GOOGLE, US), Reverse DNS maa03s41-in-f10.1e100.net Software ESF / Resource Hash d8314600fbe84906e5c35976ad5587f09d0ecf9d438c10444f8050890cbeebe2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Sat, 17 Jan 2026 20:14:24 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 17 Jan 2026 20:14:24 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Sat, 17 Jan 2026 19:23:40 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	f8cd932bb0d7ed8ebb703de6fed5346d.png assets.dreame.com/dreame/image/	2 KB 3 KB	12ms 4ms	Image image/png	18.67.93.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.dreame.com/dreame/image/f8cd932bb0d7ed8ebb703de6fed5346d.png Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-59.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash d781981162cece64bde9113807889b10338e408a2b9a0eece4eca08371aed033 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers cache-control max-age=15552000 x-amz-version-id KjWbRca910thToJNu2MRZrK_UHlfGOm8 etag "b33a0a1ee02ff392706a84f406abfb6a" age 3715349 via 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 2370 x-amz-cf-id bFJd6KzM2Atot9y3TyfPndhCyU-u5IO9mRWhFcrIa0JMjjOVdX96dw== date Fri, 05 Dec 2025 20:11:56 GMT content-type image/png last-modified Wed, 20 Mar 2024 05:54:33 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 x-amz-server-side-encryption AES256
GET H2	200	zepto.min.js Show response assets.dreame.com/dreame/file/	26 KB 10 KB	10ms 3ms	Script text/javascript	18.67.93.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.dreame.com/dreame/file/zepto.min.js Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-59.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers vary accept-encoding, Origin cache-control max-age=15552000 content-encoding gzip x-amz-version-id c58TfbXVscBDa8Hdq0w_m1ZfBHqyFmy9 etag W/"50a4556b0089cfa1cb61e88ea23bbcce" age 8037215 via 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id RV7Rqpc8E7V_hO5CRGOwGt-iNocYDeo0YhY4ddZ8gePGp_VSNT8-TA== date Thu, 16 Oct 2025 19:40:50 GMT content-type text/javascript last-modified Thu, 02 Mar 2023 02:11:43 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 x-amz-server-side-encryption AES256
GET H2	200	hunt-clipboard.v0018.js Show response assets.dreame.com/dreame/file/	5 KB 3 KB	45ms 44ms	Script text/javascript	18.67.93.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.dreame.com/dreame/file/hunt-clipboard.v0018.js Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-59.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 1f52881689e334487ba62f2e43a136956bde08dba4a5c273d1f8c53b677d4941 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers vary accept-encoding, Origin cache-control max-age=15552000 content-encoding gzip x-amz-version-id F0ELTctoikI.r1ZPg1qTQ3DKz1Bl7.z7 etag W/"deb6708bcff6fa221194eb94378815db" age 8037375 via 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id JPYgQgfiM2XIfp50klsZd73sT8jSmH41kZu2wBwsjllc552kL2JKZA== date Thu, 16 Oct 2025 19:38:10 GMT content-type text/javascript last-modified Tue, 08 Apr 2025 02:29:07 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 x-amz-server-side-encryption AES256
GET H2	200	fp-v3.js Show response assets.dreame.com/dreame/file/	33 KB 14 KB	43ms 43ms	Script text/javascript	18.67.93.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.dreame.com/dreame/file/fp-v3.js Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-59.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 5a4ce9720e3a1bceae6e699ccba89f9f002ece6b563758092d144cdf4d0928f4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers vary accept-encoding, Origin cache-control max-age=15552000 content-encoding gzip x-amz-version-id 0B5G3349oxtLck12.Ru5KaYWnbE6088u etag W/"6c8689234a1c0bbbd2711ba685157ecd" age 12102484 via 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 94QmyolAAz4n8GdscbyvCpQYMM_9Tjw2He3rihl2qpF1VDO1HbClGQ== date Sat, 30 Aug 2025 18:26:21 GMT content-type text/javascript last-modified Wed, 12 Apr 2023 02:07:21 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 x-amz-server-side-encryption AES256
GET H2	200	sensorsdata.min.js Show response files.dreame.com/projectS3/file/	164 KB 48 KB	13ms 4ms	Script text/javascript	3.175.115.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://files.dreame.com/projectS3/file/sensorsdata.min.js Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.175.115.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-175-115-107.syd3.r.cloudfront.net Software AmazonS3 / Resource Hash aba1c661f779008053541d47298d85870091c2ca55a9cd0eb4cded99da3e8f31 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers cache-control max-age=15552000 content-encoding gzip x-amz-version-id obBjZL8iztbTEVR0GxzwMJsyfJCJLOck etag W/"19bb014d9d75ff9a19dac3e5d7786f8b" age 915261 via 1.1 0ebc4466e3e0f64be47090d112932420.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id Xm_GFkMMNT7kj_VXki3FSifhylTdG6OWobv3pG6IfX5EfuiO-uDo9Q== date Wed, 07 Jan 2026 06:00:04 GMT content-type text/javascript last-modified Sun, 09 Oct 2022 06:03:01 GMT server AmazonS3 x-amz-cf-pop SYD3-P3 vary accept-encoding
GET H2	200	0f11948b311b7aa963a9eb889e81187e.js Show response assets.dreame.com/dreame/file/	29 KB 10 KB	5ms 4ms	Script application/javascript	18.67.93.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.dreame.com/dreame/file/0f11948b311b7aa963a9eb889e81187e.js Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-59.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 9cfb24b23deee5996ddcd119382a13a4ffd2a5f4b279551b708b268f8c1a149d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers vary accept-encoding, Origin cache-control max-age=15552000 content-encoding gzip x-amz-version-id 1WvHJCuQj5.wwyW5z6V16vl5t3hZQ09K etag W/"964f8d763eca7b6c7e6e40c226a21e31" age 2755769 via 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id sRq1AxU-LOCZ79g379S2sW2Ltw_BkEvp3zuMEJW77u36qHlnnVArBg== date Tue, 16 Dec 2025 22:44:56 GMT content-type application/javascript last-modified Fri, 07 Nov 2025 08:22:01 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 x-amz-server-side-encryption AES256
GET H2	200	platform.min.js Show response assets.dreame.com/dreame/file/	20 KB 7 KB	4ms 4ms	Script text/javascript	18.67.93.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.dreame.com/dreame/file/platform.min.js Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-59.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 18309845a9fadd4a99179e9565edeae2299f6292ed5b7bcdff6a6e70108ac7af Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers vary accept-encoding, Origin cache-control max-age=15552000 content-encoding gzip x-amz-version-id Ac60ZiQpiQHtHZZMax06USQEiNyP.t.Q etag W/"18295f6cfc588e9a1b2cf681d99bc1fd" age 13793616 via 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id o9rFm5eb-t0HkxMDFrEdbZ86Qs5VYvKeOHGTvLSmqgoqHPzFoZ59Xw== date Mon, 11 Aug 2025 04:40:49 GMT content-type text/javascript last-modified Fri, 14 Apr 2023 02:26:44 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 x-amz-server-side-encryption AES256
GET H2	200	staticLandingCommonScript.1.js Show response assets.dreame.com/dreame/file/	484 KB 149 KB	3ms 2ms	Script text/plain	18.67.93.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.dreame.com/dreame/file/staticLandingCommonScript.1.js?ts=1767628136400 Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-59.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 3dbe3027c278453a1c66cbfaa4f381ea988f9d9507630172a9b22d6375b6f60a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers vary accept-encoding, Origin cache-control max-age=15552000 content-encoding gzip x-amz-version-id I49u1ADGHkhGzs5lZPuNDiKrLJ5TXKUC etag W/"72286ad6f87ec656310655cdf7e20c03" age 145796 via 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id uO5GUOSKFPGwFGY0MB88UsL5_w93DSPoYpaND8PUdsU9KakQApZLVw== date Fri, 16 Jan 2026 03:44:29 GMT content-type text/plain last-modified Fri, 16 Jan 2026 03:44:14 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 x-amz-server-side-encryption AES256
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	344 KB 92 KB	10ms 4ms	Script application/x-javascript	157.240.8.23 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-syd2.fbcdn.net Software / Resource Hash ce5c81af2342adeca2941d5b481324eddc41b538511ac45edd01c983c4612f90 Security Headers Name Value Content-Security-Policy default-src 'self' blob: *;script-src 'nonce-yIFNmbzj' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 17 Jan 2026 20:14:24 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' blob: *;script-src 'nonce-yIFNmbzj' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" x-fb-connection-quality EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4987, tp=9, tpl=0, uplat=1, ullat=-1 pragma public x-fb-debug I46uUhgs+d3LyA2dW6dcLmISNd968xAXd4pyaWoXFA4JxImve5rOviw7YkW63DWccuIFGwxRRaJC6VkVGPIdLw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top, include-js-call-stacks-in-crash-reports content-length 93626 x-xss-protection 0 origin-agent-cluster ?1
GET DATA	200 OK	truncated /	266 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9b2f1a58069399538cb3fe9023af4b9d97ba7f786f2486d1de90e8253d256106 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e8729af8ff61091c92df7db67bad99277dfc4221b7e2b7f59d9e7168e19cd1e2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b0d9f38c915a5d76084ed9745ac7a4bac7795129d45e00a86bfbbba9ff4eb4d7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	sa.gif bi.dreame.com/	43 B 257 B	809ms 271ms	Image image/gif	52.45.58.139 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjZDk4M2E0MTZmNS0wMzBiNzJiMGQ4ZTE0ZWUtMTM0NjJjNjktMTkyMDAwMC0xOWJjZDk4M2E0MjMzYSJ9LCJkaXN0aW5jdF9pZCI6IjE5YmNkOTgzYTQxNmY1LTAzMGI3MmIwZDhlMTRlZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmNkOTgzYTQyMzNhIiwibGliIjp7IiRsaWIiOiJqcyIsIiRsaWJfbWV0aG9kIjoiY29kZSIsIiRsaWJfdmVyc2lvbiI6IjEuMjMuNSJ9LCJwcm9wZXJ0aWVzIjp7ImZpcnN0X3NyY19wYWdlX3VybCI6Imh0dHBzOi8vbWt0LnpyZ25vdmVsLmNvbS9kcmVhbWUvYWRsYW5kaW5nLzkvNDA1NzQ2NDgzMi85NDI0L2ZiNzA0NzkvMjAyNjE1MTU0ODU2NDk5P3V0bV9zb3VyY2U9ZmFjZWJvb2tfYWRzJnV0bV9jYW1wYWlnbj17e2NhbXBhaWduLm5hbWV9fSZhZl9jX2lkPTEyMDIzNzY2NjQ0NDU3MDQ1MyZhZl9hZHNldD17e2Fkc2V0Lm5hbWV9fSZhZl9hZHNldF9pZD0xMjAyMzc2NjY0NDU1NzA0NTMmYWZfYWRfaWQ9e3thZC5pZH19JmFmX2FkPXt7YWQubmFtZX19JmFmX2NoYW5uZWw9e3tzaXRlX3NvdXJjZV9uYW1lfX0mcGxhY2VtZW50PXt7cGxhY2VtZW50fX0mcHg9MjA2ODU3OTIxMDU3MDQ3OSZyYW5kb209TVRJd01qTTNOalkyTkRRME5UY3dORFV6MTc2ODU2ODkwOTc2NjM1MCJ9LCJhbm9ueW1vdXNfaWQiOiIxOWJjZDk4M2E0MTZmNS0wMzBiNzJiMGQ4ZTE0ZWUtMTM0NjJjNjktMTkyMDAwMC0xOWJjZDk4M2E0MjMzYSIsInR5cGUiOiJwcm9maWxlX3NldF9vbmNlIiwidGltZSI6MTc2ODY4MDg2NDM0MSwiX3RyYWNrX2lkIjo2NjkxMjQzNDEsIl9mbHVzaF90aW1lIjoxNzY4NjgwODY0MzQxfQ%3D%3D&ext=crc%3D-1858621427 Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-58-139.compute-1.amazonaws.com Software Sws / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache expires Mon, 28 Sep 1970 05:00:00 GMT access-control-allow-origin * content-length 43 date Sat, 17 Jan 2026 20:14:25 GMT content-type image/gif last-modified Mon, 28 Sep 1970 06:00:00 GMT server Sws
GET H2	200	sa.gif bi.dreame.com/	43 B 258 B	808ms 270ms	Image image/gif	52.45.58.139 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjZDk4M2E0MTZmNS0wMzBiNzJiMGQ4ZTE0ZWUtMTM0NjJjNjktMTkyMDAwMC0xOWJjZDk4M2E0MjMzYSJ9LCJkaXN0aW5jdF9pZCI6IjE5YmNkOTgzYTQxNmY1LTAzMGI3MmIwZDhlMTRlZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmNkOTgzYTQyMzNhIiwibGliIjp7IiRsaWIiOiJqcyIsIiRsaWJfbWV0aG9kIjoiY29kZSIsIiRsaWJfdmVyc2lvbiI6IjEuMjMuNSJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOi00ODAsIiRzY3JlZW5faGVpZ2h0IjoxMjAwLCIkc2NyZWVuX3dpZHRoIjoxNjAwLCIkdmlld3BvcnRfaGVpZ2h0IjoxMjAwLCIkdmlld3BvcnRfd2lkdGgiOjE2MDAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMjMuNSIsIiRsYXRlc3RfdHJhZmZpY19zb3VyY2VfdHlwZSI6IuS7mOi0ueW5v%2BWRiua1gemHjyIsIiRsYXRlc3Rfc2VhcmNoX2tleXdvcmQiOiLmnKrlj5bliLDlgLxf55u05o6l5omT5byAIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsIiRsYXRlc3RfdXRtX3NvdXJjZSI6ImZhY2Vib29rX2FkcyIsIiRsYXRlc3RfdXRtX2NhbXBhaWduIjoie3tjYW1wYWlnbi5uYW1lfX0iLCJjaGFubmVsIjoiZHJlYW1lcG1pYW4tMTczIiwicG9ydCI6IndlYiIsIndhcF9waWQiOjk0MjQsIiRyZWZlcnJlciI6IiIsIiR1cmwiOiJodHRwczovL21rdC56cmdub3ZlbC5jb20vZHJlYW1lL2FkbGFuZGluZy85LzQwNTc0NjQ4MzIvOTQyNC9mYjcwNDc5LzIwMjYxNTE1NDg1NjQ5OT91dG1fc291cmNlPWZhY2Vib29rX2FkcyZ1dG1fY2FtcGFpZ249e3tjYW1wYWlnbi5uYW1lfX0mYWZfY19pZD0xMjAyMzc2NjY0NDQ1NzA0NTMmYWZfYWRzZXQ9e3thZHNldC5uYW1lfX0mYWZfYWRzZXRfaWQ9MTIwMjM3NjY2NDQ1NTcwNDUzJmFmX2FkX2lkPXt7YWQuaWR9fSZhZl9hZD17e2FkLm5hbWV9fSZhZl9jaGFubmVsPXt7c2l0ZV9zb3VyY2VfbmFtZX19JnBsYWNlbWVudD17e3BsYWNlbWVudH19JnB4PTIwNjg1NzkyMTA1NzA0NzkmcmFuZG9tPU1USXdNak0zTmpZMk5EUTBOVGN3TkRVejE3Njg1Njg5MDk3NjYzNTAiLCIkdXJsX3BhdGgiOiIvZHJlYW1lL2FkbGFuZGluZy85LzQwNTc0NjQ4MzIvOTQyNC9mYjcwNDc5LzIwMjYxNTE1NDg1NjQ5OSIsIiR0aXRsZSI6IlRvbyBMYXRlIFRvIE1pc3MgTWUgfCBEcmVhbWVTaG9ydCIsIiR1dG1fc291cmNlIjoiZmFjZWJvb2tfYWRzIiwiJHV0bV9jYW1wYWlnbiI6Int7Y2FtcGFpZ24ubmFtZX19IiwiJGlzX2ZpcnN0X2RheSI6dHJ1ZSwiJGlzX2ZpcnN0X3RpbWUiOnRydWUsIiRyZWZlcnJlcl9ob3N0IjoiIn0sImFub255bW91c19pZCI6IjE5YmNkOTgzYTQxNmY1LTAzMGI3MmIwZDhlMTRlZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmNkOTgzYTQyMzNhIiwidHlwZSI6InRyYWNrIiwiZXZlbnQiOiIkcGFnZXZpZXciLCJ0aW1lIjoxNzY4NjgwODY0MzQyLCJfdHJhY2tfaWQiOjcxMTAwNDM0MiwiX2ZsdXNoX3RpbWUiOjE3Njg2ODA4NjQzNDJ9&ext=crc%3D2098927017 Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-58-139.compute-1.amazonaws.com Software Sws / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache expires Mon, 28 Sep 1970 05:00:00 GMT access-control-allow-origin * content-length 43 date Sat, 17 Jan 2026 20:14:25 GMT content-type image/gif last-modified Mon, 28 Sep 1970 06:00:00 GMT server Sws
GET H2	200	sa.gif bi.dreame.com/	43 B 257 B	809ms 271ms	Image image/gif	52.45.58.139 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjZDk4M2E0MTZmNS0wMzBiNzJiMGQ4ZTE0ZWUtMTM0NjJjNjktMTkyMDAwMC0xOWJjZDk4M2E0MjMzYSJ9LCJkaXN0aW5jdF9pZCI6IjE5YmNkOTgzYTQxNmY1LTAzMGI3MmIwZDhlMTRlZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmNkOTgzYTQyMzNhIiwibGliIjp7IiRsaWIiOiJqcyIsIiRsaWJfbWV0aG9kIjoiY29kZSIsIiRsaWJfdmVyc2lvbiI6IjEuMjMuNSJ9LCJwcm9wZXJ0aWVzIjp7IiRmaXJzdF92aXNpdF90aW1lIjoiMjAyNi0wMS0xOCAwNDoxNDoyNC4zNDMiLCIkZmlyc3RfcmVmZXJyZXIiOiIiLCIkZmlyc3RfYnJvd3Nlcl9sYW5ndWFnZSI6ImVuLWF1IiwiJGZpcnN0X2Jyb3dzZXJfY2hhcnNldCI6IlVURi04IiwiJGZpcnN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLku5jotLnlub%2FlkYrmtYHph48iLCIkZmlyc3Rfc2VhcmNoX2tleXdvcmQiOiLmnKrlj5bliLDlgLxf55u05o6l5omT5byAIiwiJHV0bV9zb3VyY2UiOiJmYWNlYm9va19hZHMiLCIkdXRtX2NhbXBhaWduIjoie3tjYW1wYWlnbi5uYW1lfX0ifSwiYW5vbnltb3VzX2lkIjoiMTliY2Q5ODNhNDE2ZjUtMDMwYjcyYjBkOGUxNGVlLTEzNDYyYzY5LTE5MjAwMDAtMTliY2Q5ODNhNDIzM2EiLCJ0eXBlIjoicHJvZmlsZV9zZXRfb25jZSIsInRpbWUiOjE3Njg2ODA4NjQzNDMsIl90cmFja19pZCI6NzY0MTQ0MzQzLCJfZmx1c2hfdGltZSI6MTc2ODY4MDg2NDM0M30%3D&ext=crc%3D-1677151969 Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-58-139.compute-1.amazonaws.com Software Sws / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache expires Mon, 28 Sep 1970 05:00:00 GMT access-control-allow-origin * content-length 43 date Sat, 17 Jan 2026 20:14:25 GMT content-type image/gif last-modified Mon, 28 Sep 1970 06:00:00 GMT server Sws
GET H2	200	7068b8eb844035f766ec349b6fa7ee96.jpg@400w.webp assets.dreame.com/dreame/image/	42 KB 42 KB	4ms 3ms	Image image/webp	18.67.93.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.dreame.com/dreame/image/7068b8eb844035f766ec349b6fa7ee96.jpg@400w.webp Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-59.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash b143514474aea2e655076a5e42d5705c5ff023617ae11cd1cd2da1d7d3887b4d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers cache-control max-age=15552000 x-amz-version-id Xu5eLrshnkHS3tZx.Oib6iu3tT.mpsoO etag "7b69ba258a7211c7bae8fd267499b08d" age 1040212 via 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 42742 x-amz-cf-id x-HdVqJreB4BQqEXLniCMGTuk7WOPi7ZezBZJ7OT5TqMEQr3qj9JxQ== date Mon, 05 Jan 2026 19:17:31 GMT content-type image/webp last-modified Mon, 05 Jan 2026 15:48:25 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 x-amz-server-side-encryption AES256
GET DATA	200 OK	truncated /	16 KB 16 KB		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a51dd6c0aad2614be9cfc34a834d9a714e7f9b5f8ab85744c5e9cfba2a7e9492 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	getIp Show response api.dreame.com/api/	132 B 566 B	1083ms 560ms	XHR application/json	100.49.233.201 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.dreame.com/api/getIp Requested by Host: assets.dreame.com URL: https://assets.dreame.com/dreame/file/zepto.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 100.49.233.201 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-49-233-201.compute-1.amazonaws.com Software nginx / PHP/7.4.33 Resource Hash 75e7d96ef8b376033d24e7e51343e6c73ba8e41c221df51964e0d255b4f5ac03 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Accept application/json Referer https://mkt.zrgnovel.com/ Response headers content-encoding gzip access-control-allow-credentials true access-control-allow-methods POST,GET,PUT access-control-allow-origin https://mkt.zrgnovel.com date Sat, 17 Jan 2026 20:14:25 GMT content-type application/json;charset=utf-8 x-powered-by PHP/7.4.33 server nginx access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Bearer-Token, X-Origin-Product, X-App-Language, X-App-OsType, X-App-DeviceId, X-App-DistinctId, X-App-VersionName, X-App-Channel, X-App-Platform, Paypal-Client-Metadata-Id
GET H2	200	/ Show response api.ipify.org/	24 B 161 B	230ms 222ms	XHR application/json	172.67.74.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: assets.dreame.com URL: https://assets.dreame.com/dreame/file/zepto.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.152 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 856ec10df6b9fa848525beaad4b22c37ef1f06c6ad14d726e8491b1d3bc7236d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Accept application/json Referer https://mkt.zrgnovel.com/ Response headers content-encoding br cf-cache-status DYNAMIC cf-ray 9bf884ca68a5e7c8-SYD access-control-allow-origin * date Sat, 17 Jan 2026 20:14:24 GMT content-type application/json vary Origin server cloudflare
GET H2	200	sa.gif bi.dreame.com/	43 B 257 B	1018ms 535ms	Image image/gif	52.45.58.139 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjZDk4M2E0MTZmNS0wMzBiNzJiMGQ4ZTE0ZWUtMTM0NjJjNjktMTkyMDAwMC0xOWJjZDk4M2E0MjMzYSJ9LCJkaXN0aW5jdF9pZCI6IjE5YmNkOTgzYTQxNmY1LTAzMGI3MmIwZDhlMTRlZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmNkOTgzYTQyMzNhIiwibGliIjp7IiRsaWIiOiJqcyIsIiRsaWJfbWV0aG9kIjoiY29kZSIsIiRsaWJfdmVyc2lvbiI6IjEuMjMuNSJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOi00ODAsIiRzY3JlZW5faGVpZ2h0IjoxMjAwLCIkc2NyZWVuX3dpZHRoIjoxNjAwLCIkdmlld3BvcnRfaGVpZ2h0IjoxMjAwLCIkdmlld3BvcnRfd2lkdGgiOjE2MDAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMjMuNSIsIiRsYXRlc3RfdHJhZmZpY19zb3VyY2VfdHlwZSI6IuS7mOi0ueW5v%2BWRiua1gemHjyIsIiRsYXRlc3Rfc2VhcmNoX2tleXdvcmQiOiLmnKrlj5bliLDlgLxf55u05o6l5omT5byAIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsIiRsYXRlc3RfdXRtX3NvdXJjZSI6ImZhY2Vib29rX2FkcyIsIiRsYXRlc3RfdXRtX2NhbXBhaWduIjoie3tjYW1wYWlnbi5uYW1lfX0iLCJjaGFubmVsIjoiZHJlYW1lcG1pYW4tMTczIiwicG9ydCI6IndlYiIsIndhcF9waWQiOjk0MjQsImVuY29kZV90eXBlIjoxLCJ3cml0ZV9zdGF0dXMiOjEsIiR1cmxfcGF0aCI6Imh0dHBzOi8vbWt0LnpyZ25vdmVsLmNvbS9kcmVhbWUvYWRsYW5kaW5nLzkvNDA1NzQ2NDgzMi85NDI0L2ZiNzA0NzkvMjAyNjE1MTU0ODU2NDk5IiwiJGlzX2ZpcnN0X2RheSI6dHJ1ZSwiJHVybCI6Imh0dHBzOi8vbWt0LnpyZ25vdmVsLmNvbS9kcmVhbWUvYWRsYW5kaW5nLzkvNDA1NzQ2NDgzMi85NDI0L2ZiNzA0NzkvMjAyNjE1MTU0ODU2NDk5P3V0bV9zb3VyY2U9ZmFjZWJvb2tfYWRzJnV0bV9jYW1wYWlnbj17e2NhbXBhaWduLm5hbWV9fSZhZl9jX2lkPTEyMDIzNzY2NjQ0NDU3MDQ1MyZhZl9hZHNldD17e2Fkc2V0Lm5hbWV9fSZhZl9hZHNldF9pZD0xMjAyMzc2NjY0NDU1NzA0NTMmYWZfYWRfaWQ9e3thZC5pZH19JmFmX2FkPXt7YWQubmFtZX19JmFmX2NoYW5uZWw9e3tzaXRlX3NvdXJjZV9uYW1lfX0mcGxhY2VtZW50PXt7cGxhY2VtZW50fX0mcHg9MjA2ODU3OTIxMDU3MDQ3OSZyYW5kb209TVRJd01qTTNOalkyTkRRME5UY3dORFV6MTc2ODU2ODkwOTc2NjM1MCIsIiR0aXRsZSI6IlRvbyBMYXRlIFRvIE1pc3MgTWUgfCBEcmVhbWVTaG9ydCJ9LCJhbm9ueW1vdXNfaWQiOiIxOWJjZDk4M2E0MTZmNS0wMzBiNzJiMGQ4ZTE0ZWUtMTM0NjJjNjktMTkyMDAwMC0xOWJjZDk4M2E0MjMzYSIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiY2xpcGJvYXJkQ3JlYXRlIiwidGltZSI6MTc2ODY4MDg2NDM5NiwiX3RyYWNrX2lkIjo2MTk0ODQzOTcsIl9mbHVzaF90aW1lIjoxNzY4NjgwODY0Mzk3fQ%3D%3D&ext=crc%3D-533519367 Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-58-139.compute-1.amazonaws.com Software Sws / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache expires Mon, 28 Sep 1970 05:00:00 GMT access-control-allow-origin * content-length 43 date Sat, 17 Jan 2026 20:14:25 GMT content-type image/gif last-modified Mon, 28 Sep 1970 06:00:00 GMT server Sws
POST H2	200	addAttributionInfo api.dreameshort.com/ad/	0 0	1057ms 531ms	Ping application/json	100.52.153.217 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.dreameshort.com/ad/addAttributionInfo Requested by Host: assets.dreame.com URL: https://assets.dreame.com/dreame/file/staticLandingCommonScript.1.js?ts=1767628136400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 100.52.153.217 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-52-153-217.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://mkt.zrgnovel.com/ Response headers
GET H2	200	sa.gif bi.dreame.com/	43 B 257 B	893ms 535ms	Image image/gif	52.45.58.139 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjZDk4M2E0MTZmNS0wMzBiNzJiMGQ4ZTE0ZWUtMTM0NjJjNjktMTkyMDAwMC0xOWJjZDk4M2E0MjMzYSJ9LCJkaXN0aW5jdF9pZCI6IjE5YmNkOTgzYTQxNmY1LTAzMGI3MmIwZDhlMTRlZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmNkOTgzYTQyMzNhIiwibGliIjp7IiRsaWIiOiJqcyIsIiRsaWJfbWV0aG9kIjoiY29kZSIsIiRsaWJfdmVyc2lvbiI6IjEuMjMuNSJ9LCJwcm9wZXJ0aWVzIjp7IndhcF9hbm9ueW1vdXNfaWQiOiIzNzJjMGNkOWM0MmJmNTgyYjI4YjMzNjVkOTJhZGYzMCJ9LCJhbm9ueW1vdXNfaWQiOiIxOWJjZDk4M2E0MTZmNS0wMzBiNzJiMGQ4ZTE0ZWUtMTM0NjJjNjktMTkyMDAwMC0xOWJjZDk4M2E0MjMzYSIsInR5cGUiOiJwcm9maWxlX3NldF9vbmNlIiwidGltZSI6MTc2ODY4MDg2NDUyMywiX3RyYWNrX2lkIjoxNDA5MjQ1MjMsIl9mbHVzaF90aW1lIjoxNzY4NjgwODY0NTIzfQ%3D%3D&ext=crc%3D1912410166 Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-58-139.compute-1.amazonaws.com Software Sws / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache expires Mon, 28 Sep 1970 05:00:00 GMT access-control-allow-origin * content-length 43 date Sat, 17 Jan 2026 20:14:25 GMT content-type image/gif last-modified Mon, 28 Sep 1970 06:00:00 GMT server Sws
GET H2	200	sa.gif bi.dreame.com/	43 B 257 B	472ms 271ms	Image image/gif	52.45.58.139 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjZDk4M2E0MTZmNS0wMzBiNzJiMGQ4ZTE0ZWUtMTM0NjJjNjktMTkyMDAwMC0xOWJjZDk4M2E0MjMzYSJ9LCJkaXN0aW5jdF9pZCI6IjE5YmNkOTgzYTQxNmY1LTAzMGI3MmIwZDhlMTRlZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmNkOTgzYTQyMzNhIiwibGliIjp7IiRsaWIiOiJqcyIsIiRsaWJfbWV0aG9kIjoiY29kZSIsIiRsaWJfdmVyc2lvbiI6IjEuMjMuNSJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOi00ODAsIiRzY3JlZW5faGVpZ2h0IjoxMjAwLCIkc2NyZWVuX3dpZHRoIjoxNjAwLCIkdmlld3BvcnRfaGVpZ2h0IjoxMjAwLCIkdmlld3BvcnRfd2lkdGgiOjE2MDAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMjMuNSIsIiRsYXRlc3RfdHJhZmZpY19zb3VyY2VfdHlwZSI6IuS7mOi0ueW5v%2BWRiua1gemHjyIsIiRsYXRlc3Rfc2VhcmNoX2tleXdvcmQiOiLmnKrlj5bliLDlgLxf55u05o6l5omT5byAIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsIiRsYXRlc3RfdXRtX3NvdXJjZSI6ImZhY2Vib29rX2FkcyIsIiRsYXRlc3RfdXRtX2NhbXBhaWduIjoie3tjYW1wYWlnbi5uYW1lfX0iLCJjaGFubmVsIjoiZHJlYW1lcG1pYW4tMTczIiwicG9ydCI6IndlYiIsIndhcF9waWQiOjk0MjQsIndpbmRvd19hbm9ueW1vdXNfaWQiOiIzNzJjMGNkOWM0MmJmNTgyYjI4YjMzNjVkOTJhZGYzMCIsInByb2dyZXNzUmF0aW8iOjAsImNoYXB0ZXJfaWQiOjAsInBhZ2VfaW5kZXgiOjAsIiRpc19maXJzdF9kYXkiOnRydWUsIiR1cmwiOiJodHRwczovL21rdC56cmdub3ZlbC5jb20vZHJlYW1lL2FkbGFuZGluZy85LzQwNTc0NjQ4MzIvOTQyNC9mYjcwNDc5LzIwMjYxNTE1NDg1NjQ5OT91dG1fc291cmNlPWZhY2Vib29rX2FkcyZ1dG1fY2FtcGFpZ249e3tjYW1wYWlnbi5uYW1lfX0mYWZfY19pZD0xMjAyMzc2NjY0NDQ1NzA0NTMmYWZfYWRzZXQ9e3thZHNldC5uYW1lfX0mYWZfYWRzZXRfaWQ9MTIwMjM3NjY2NDQ1NTcwNDUzJmFmX2FkX2lkPXt7YWQuaWR9fSZhZl9hZD17e2FkLm5hbWV9fSZhZl9jaGFubmVsPXt7c2l0ZV9zb3VyY2VfbmFtZX19JnBsYWNlbWVudD17e3BsYWNlbWVudH19JnB4PTIwNjg1NzkyMTA1NzA0NzkmcmFuZG9tPU1USXdNak0zTmpZMk5EUTBOVGN3TkRVejE3Njg1Njg5MDk3NjYzNTAiLCIkdGl0bGUiOiJUb28gTGF0ZSBUbyBNaXNzIE1lIHwgRHJlYW1lU2hvcnQifSwiYW5vbnltb3VzX2lkIjoiMTliY2Q5ODNhNDE2ZjUtMDMwYjcyYjBkOGUxNGVlLTEzNDYyYzY5LTE5MjAwMDAtMTliY2Q5ODNhNDIzM2EiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6InBhZ2Vfdmlld19zbGlkZSIsInRpbWUiOjE3Njg2ODA4NjQ2NzksIl90cmFja19pZCI6NzA5MTA0NjgwLCJfZmx1c2hfdGltZSI6MTc2ODY4MDg2NDY4MH0%3D&ext=crc%3D-1711682395 Requested by Host: mkt.zrgnovel.com URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-58-139.compute-1.amazonaws.com Software Sws / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache expires Mon, 28 Sep 1970 05:00:00 GMT access-control-allow-origin * content-length 43 date Sat, 17 Jan 2026 20:14:25 GMT content-type image/gif last-modified Mon, 28 Sep 1970 06:00:00 GMT server Sws
OPTIONS H2	200	installations firebaseinstallations.googleapis.com/v1/projects/stary-web-page/	0 0	197ms 99ms	Preflight text/html	142.250.195.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebaseinstallations.googleapis.com/v1/projects/stary-web-page/installations Protocol H2 Security TLS 1.3, , AES_256_GCM Server 142.250.195.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS tzsyda-ad-in-f10.1e100.net Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-firebase-client,x-goog-api-key Access-Control-Request-Method POST Origin https://mkt.zrgnovel.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,x-firebase-client,x-goog-api-key access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://mkt.zrgnovel.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Sat, 17 Jan 2026 20:14:25 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	installations Show response firebaseinstallations.googleapis.com/v1/projects/stary-web-page/	626 B 673 B	842ms 840ms	Fetch application/json	142.250.195.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebaseinstallations.googleapis.com/v1/projects/stary-web-page/installations Requested by Host: assets.dreame.com URL: https://assets.dreame.com/dreame/file/staticLandingCommonScript.1.js?ts=1767628136400 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 142.250.195.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS tzsyda-ad-in-f10.1e100.net Software ESF / Resource Hash 1a6fa2cbf33b2c76a16c0159186c91d5929f48c0fea0bb348a4afdf7bc571010 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers x-firebase-client eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjEzLjEgZmlyZS1jb3JlLWVzbTIwMTcvMC4xMy4xIGZpcmUtanMvIGZpcmUtanMtYWxsLWFwcC8xMS45LjEgZmlyZS1paWQvMC42LjE3IGZpcmUtaWlkLWVzbTIwMTcvMC42LjE3IGZpcmUtcGVyZi8wLjcuNiBmaXJlLXBlcmYtZXNtMjAxNy8wLjcuNiIsImRhdGVzIjpbIjIwMjYtMDEtMTciXX1dfQ x-goog-api-key AIzaSyCa5h90UFcwx9JG3Qq-JyvGejQB1nGEotQ Referer https://mkt.zrgnovel.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 accept application/json content-type application/json Response headers access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length content-encoding gzip x-content-type-options nosniff access-control-allow-origin https://mkt.zrgnovel.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 490 date Sat, 17 Jan 2026 20:14:26 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 vary Origin, X-Origin, Referer server ESF x-frame-options SAMEORIGIN
GET H2	200	450bed6e206f7ed88e57deb9c09761aa.ico assets.dreame.com/dreame/file/	2 KB 3 KB	4ms 4ms	Other image/x-icon	18.67.93.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.dreame.com/dreame/file/450bed6e206f7ed88e57deb9c09761aa.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-59.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash d781981162cece64bde9113807889b10338e408a2b9a0eece4eca08371aed033 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers cache-control max-age=15552000 x-amz-version-id G.yCrz3qPS6wvRx5E0fF9qLDEAdhqwBJ etag "b33a0a1ee02ff392706a84f406abfb6a" age 3245389 via 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 2370 x-amz-cf-id TLjncJRuRQ-nwFZ-5QJOHwEsy1i9Gr-1qaSQLFU5QubP-s633c-lVQ== date Thu, 11 Dec 2025 06:44:37 GMT content-type image/x-icon last-modified Mon, 08 Apr 2024 06:29:47 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 x-amz-server-side-encryption AES256
GET H3	200	2068579210570479 Show response connect.facebook.net/signals/config/	147 KB 35 KB	5ms 4ms	Script application/x-javascript	157.240.8.23 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2068579210570479?v=2.9.250&r=stable&domain=mkt.zrgnovel.com&hme=842ba5a67bc11ec88742f1d93fdc2338abd91b60fc0531689cc660af96e193d9&ex_m=94%2C156%2C134%2C20%2C66%2C67%2C127%2C62%2C42%2C128%2C71%2C61%2C10%2C141%2C80%2C15%2C93%2C122%2C115%2C69%2C72%2C121%2C138%2C102%2C143%2C7%2C3%2C4%2C6%2C5%2C2%2C81%2C91%2C144%2C223%2C167%2C56%2C225%2C226%2C49%2C182%2C27%2C68%2C231%2C230%2C170%2C29%2C55%2C9%2C58%2C87%2C88%2C89%2C95%2C118%2C28%2C26%2C120%2C117%2C116%2C135%2C70%2C137%2C136%2C44%2C54%2C111%2C14%2C140%2C39%2C212%2C214%2C177%2C23%2C24%2C25%2C17%2C18%2C38%2C34%2C36%2C35%2C76%2C82%2C86%2C100%2C126%2C129%2C40%2C101%2C21%2C19%2C107%2C63%2C32%2C131%2C130%2C132%2C123%2C22%2C31%2C53%2C99%2C139%2C64%2C16%2C133%2C104%2C75%2C30%2C192%2C163%2C282%2C210%2C154%2C195%2C188%2C164%2C97%2C119%2C74%2C109%2C48%2C41%2C43%2C103%2C108%2C114%2C52%2C59%2C113%2C47%2C50%2C46%2C90%2C142%2C0%2C112%2C13%2C110%2C11%2C1%2C51%2C83%2C57%2C60%2C106%2C79%2C78%2C145%2C146%2C84%2C85%2C8%2C92%2C45%2C124%2C77%2C73%2C65%2C105%2C96%2C37%2C125%2C33%2C98%2C12%2C147 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-syd2.fbcdn.net Software / Resource Hash 4eabe055af5a45d5d01bbd15209b65758b4bce47cb76481559132b91daf114da Security Headers Name Value Content-Security-Policy default-src 'self' blob: *;script-src 'nonce-tROgZ3na' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 17 Jan 2026 20:14:25 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' blob: *;script-src 'nonce-tROgZ3na' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=1, rtx=0, c=83, mss=1232, tbw=103483, tp=93, tpl=0, uplat=2, ullat=-1 pragma public x-fb-debug NNYq+jYjNC54I/UoTF1BXjBrEHwyQThbhko0h2hZSW16e+/e3A05w8DTva+xXGoRAVekN8FB/Bz2NvyYI8JDUQ== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top, include-js-call-stacks-in-crash-reports content-length 35491 x-xss-protection 0 origin-agent-cluster ?1
GET		dreameshort://af?af_js_web=true&is_retargeting=true&deep_link_value=dreameshort%3A%2F%2Fdreameshort.com%2Fplayer%3FbookId%3D1375%26jumpType%3D2001%26source%3DdeepLinks%26testGroup%3DBOTTOM_PLAY%26dubType%3Ddefvid&af_sub3=2068579210570479&ldy_ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F144.0.0.0+Safari%2F537.36&deep_link_sub1=media_source%253Dfacebook_ads%2526campaign%253D%25257B%25257Bcampaign.name%25257D%25257D%2526af_adset%253D%25257B%25257Badset.name%25257D%25257D%2526af_sub1%253D%2526af_sub2%253Dundefined%2526af_sub3%253D2068579210570479%2526af_sub4%253Dundefined&s2s=true&ldy_type=landing&cts=1768680864&product=56&timezone=Australia%2FPerth&af_c_id=120237666444570453&af_adset=%7B%7Badset.name%7D%7D&af_adset_id=120237666445570453&af_ad_id=%7B%7Bad.id%7D%7D&af_ad=%7B%7Bad.name%7D%7D&af_channel=%7B%7Bsite_source_name%7D%7D&placement=%7B%7Bplacement%7D%7D&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350&lp_url=https%3A%2F%2Fmkt.zrgnovel.com%2Fdreame%2Fadlanding%2F9%2F4057464832%2F9424%2Ffb70479%2F202615154856499&media_source=facebook_ads&campaign=%7B%7Bcampaign.name%7D%7D dreameshort://af?af_js_web=true&is_retargeting=true&deep_link_value=dreameshort%3A%2F%2Fdreameshort.com%2Fplayer%3FbookId%3D1375%26jumpType%3D2001%26source%3DdeepLinks%26testGroup%3DBOTTOM_PLAY%26dubType%3Ddefvid&af_sub3=2068579210570479&ldy_ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F144.0.0.0+Safari%2F537.36&deep_link_sub1=media_source%253Dfacebook_ads%2526campaign%253D%25257B%25257Bcampaign.name%25257D%25257D%2526af_adset%253D%25257B%25257Badset.name%25257D%25257D%2526af_sub1%253D%2526af_sub2%253Dundefined%2526af_sub3%253D2068579210570479%2526af_sub4%253Dundefined&s2s=true&ldy_type=landing&cts=1768680864&product=56&timezone=Australia%2FPerth&af_c_id=120237666444570453&af_adset=%7B%7Badset.name%7D%7D&af_adset_id=120237666445570453&af_ad_id=%7B%7Bad.id%7D%7D&af_ad=%7B%7Bad.name%7D%7D&af_channel=%7B%7Bsite_source_name%7D%7D&placement=%7B%7Bplacement%7D%7D&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350&lp_url=https%3A%2F%2Fmkt.zrgnovel.com%2Fdreame%2Fadlanding%2F9%2F4057464832%2F9424%2Ffb70479%2F202615154856499&media_source=facebook_ads&campaign=%7B%7Bcampaign.name%7D%7D	0 0
GET H2	200	sa.gif bi.dreame.com/	43 B 257 B	489ms 488ms	Image image/gif	52.45.58.139 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bi.dreame.com:9106/sa.gif?project=d_project&data=eyJpZGVudGl0aWVzIjp7IiRpZGVudGl0eV9jb29raWVfaWQiOiIxOWJjZDk4M2E0MTZmNS0wMzBiNzJiMGQ4ZTE0ZWUtMTM0NjJjNjktMTkyMDAwMC0xOWJjZDk4M2E0MjMzYSJ9LCJkaXN0aW5jdF9pZCI6IjE5YmNkOTgzYTQxNmY1LTAzMGI3MmIwZDhlMTRlZS0xMzQ2MmM2OS0xOTIwMDAwLTE5YmNkOTgzYTQyMzNhIiwibGliIjp7IiRsaWIiOiJqcyIsIiRsaWJfbWV0aG9kIjoiY29kZSIsIiRsaWJfdmVyc2lvbiI6IjEuMjMuNSJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOi00ODAsIiRzY3JlZW5faGVpZ2h0IjoxMjAwLCIkc2NyZWVuX3dpZHRoIjoxNjAwLCIkdmlld3BvcnRfaGVpZ2h0IjoxMjAwLCIkdmlld3BvcnRfd2lkdGgiOjE2MDAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMjMuNSIsIiRsYXRlc3RfdHJhZmZpY19zb3VyY2VfdHlwZSI6IuS7mOi0ueW5v%2BWRiua1gemHjyIsIiRsYXRlc3Rfc2VhcmNoX2tleXdvcmQiOiLmnKrlj5bliLDlgLxf55u05o6l5omT5byAIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsIiRsYXRlc3RfdXRtX3NvdXJjZSI6ImZhY2Vib29rX2FkcyIsIiRsYXRlc3RfdXRtX2NhbXBhaWduIjoie3tjYW1wYWlnbi5uYW1lfX0iLCJjaGFubmVsIjoiZHJlYW1lcG1pYW4tMTczIiwicG9ydCI6IndlYiIsIndhcF9waWQiOjk0MjQsIndpbmRvd19hbm9ueW1vdXNfaWQiOiIzNzJjMGNkOWM0MmJmNTgyYjI4YjMzNjVkOTJhZGYzMCIsIiR0aXRsZSI6IlRvbyBMYXRlIFRvIE1pc3MgTWUgfCBEcmVhbWVTaG9ydCIsIiR1cmwiOiJodHRwczovL21rdC56cmdub3ZlbC5jb20vZHJlYW1lL2FkbGFuZGluZy85LzQwNTc0NjQ4MzIvOTQyNC9mYjcwNDc5LzIwMjYxNTE1NDg1NjQ5OT91dG1fc291cmNlPWZhY2Vib29rX2FkcyZ1dG1fY2FtcGFpZ249e3tjYW1wYWlnbi5uYW1lfX0mYWZfY19pZD0xMjAyMzc2NjY0NDQ1NzA0NTMmYWZfYWRzZXQ9e3thZHNldC5uYW1lfX0mYWZfYWRzZXRfaWQ9MTIwMjM3NjY2NDQ1NTcwNDUzJmFmX2FkX2lkPXt7YWQuaWR9fSZhZl9hZD17e2FkLm5hbWV9fSZhZl9jaGFubmVsPXt7c2l0ZV9zb3VyY2VfbmFtZX19JnBsYWNlbWVudD17e3BsYWNlbWVudH19JnB4PTIwNjg1NzkyMTA1NzA0NzkmcmFuZG9tPU1USXdNak0zTmpZMk5EUTBOVGN3TkRVejE3Njg1Njg5MDk3NjYzNTAiLCIkdXJsX3BhdGgiOiIvZHJlYW1lL2FkbGFuZGluZy85LzQwNTc0NjQ4MzIvOTQyNC9mYjcwNDc5LzIwMjYxNTE1NDg1NjQ5OSIsIiRyZWZlcnJlcl9ob3N0IjoiIiwiJHJlZmVycmVyIjoiIiwiJHZpZXdwb3J0X3Bvc2l0aW9uIjowLCJldmVudF9kdXJhdGlvbiI6MC4wODQsIiRpc19maXJzdF9kYXkiOnRydWV9LCJhbm9ueW1vdXNfaWQiOiIxOWJjZDk4M2E0MTZmNS0wMzBiNzJiMGQ4ZTE0ZWUtMTM0NjJjNjktMTkyMDAwMC0xOWJjZDk4M2E0MjMzYSIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiJFdlYlBhZ2VMZWF2ZSIsInRpbWUiOjE3Njg2ODA4NjU1MDYsIl90cmFja19pZCI6MzM5ODQ1NTA3LCJfZmx1c2hfdGltZSI6MTc2ODY4MDg2NTUwN30%3D&ext=crc%3D1102531009 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.58.139 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-58-139.compute-1.amazonaws.com Software Sws / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache expires Mon, 28 Sep 1970 05:00:00 GMT access-control-allow-origin * content-length 43 date Sat, 17 Jan 2026 20:14:25 GMT content-type image/gif last-modified Mon, 28 Sep 1970 06:00:00 GMT server Sws
GET H3	200	/ www.facebook.com/privacy_sandbox/topics/registration/	67 B 0	198ms 191ms	Fetch image/png	157.240.8.35 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/privacy_sandbox/topics/registration/?id=2068579210570479 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/signals/config/2068579210570479?v=2.9.250&r=stable&domain=mkt.zrgnovel.com&hme=842ba5a67bc11ec88742f1d93fdc2338abd91b60fc0531689cc660af96e193d9&ex_m=94%2C156%2C134%2C20%2C66%2C67%2C127%2C62%2C42%2C128%2C71%2C61%2C10%2C141%2C80%2C15%2C93%2C122%2C115%2C69%2C72%2C121%2C138%2C102%2C143%2C7%2C3%2C4%2C6%2C5%2C2%2C81%2C91%2C144%2C223%2C167%2C56%2C225%2C226%2C49%2C182%2C27%2C68%2C231%2C230%2C170%2C29%2C55%2C9%2C58%2C87%2C88%2C89%2C95%2C118%2C28%2C26%2C120%2C117%2C116%2C135%2C70%2C137%2C136%2C44%2C54%2C111%2C14%2C140%2C39%2C212%2C214%2C177%2C23%2C24%2C25%2C17%2C18%2C38%2C34%2C36%2C35%2C76%2C82%2C86%2C100%2C126%2C129%2C40%2C101%2C21%2C19%2C107%2C63%2C32%2C131%2C130%2C132%2C123%2C22%2C31%2C53%2C99%2C139%2C64%2C16%2C133%2C104%2C75%2C30%2C192%2C163%2C282%2C210%2C154%2C195%2C188%2C164%2C97%2C119%2C74%2C109%2C48%2C41%2C43%2C103%2C108%2C114%2C52%2C59%2C113%2C47%2C50%2C46%2C90%2C142%2C0%2C112%2C13%2C110%2C11%2C1%2C51%2C83%2C57%2C60%2C106%2C79%2C78%2C145%2C146%2C84%2C85%2C8%2C92%2C45%2C124%2C77%2C73%2C65%2C105%2C96%2C37%2C125%2C33%2C98%2C12%2C147 Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-syd2.facebook.com Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-VC9Fxmsn' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *.instagram.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers access-control-expose-headers X-FB-Debug, X-Loader-Length, X-Stack, Error-MID content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7596426474005230210&cpp=C3&cv=1032139176&st=1768680865704"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff observe-browsing-topics ?1 expires Sat, 01 Jan 2000 00:00:00 GMT access-control-allow-methods OPTIONS alt-svc h3=":443"; ma=86400 date Sat, 17 Jan 2026 20:14:25 GMT content-type image/png vary Origin, Accept-Encoding x-fb-debug cgM8C9hPrjwsaj7TZ9BQXIIWnMBb4K3alWOutCMeW+hZj0rxVWVhQDa+M7v6xJTb3Yzqaq3NKyPtphCZPGVaxQ== priority u=1,i strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7596426474005230210&cpp=C3&cv=1032139176&st=1768680865704", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-VC9Fxmsn' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *.instagram.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=4, rtx=0, c=24, mss=1232, tbw=4982, tp=9, tpl=0, uplat=187, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy same-origin access-control-allow-credentials true permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self "https://www.fbsbx.com"), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top, include-js-call-stacks-in-crash-reports access-control-allow-origin * x-xss-protection 0 origin-agent-cluster ?1
POST H2	200	eventPush api.dreame.com/api/	32 B 477 B	1083ms 539ms	Ping text/html	100.49.233.201 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.dreame.com/api/eventPush Requested by Host: assets.dreame.com URL: https://assets.dreame.com/dreame/file/staticLandingCommonScript.1.js?ts=1767628136400 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 100.49.233.201 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-49-233-201.compute-1.amazonaws.com Software nginx / PHP/7.4.33 Resource Hash a3ca9511084802f73ba055cd1475adbb89e8a147382d93b03fc0ab98063de03d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Content-Type application/json Referer https://mkt.zrgnovel.com/ Response headers content-encoding gzip access-control-allow-credentials true access-control-allow-methods POST,GET,PUT access-control-allow-origin https://mkt.zrgnovel.com date Sat, 17 Jan 2026 20:14:26 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.4.33 server nginx access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Bearer-Token, X-Origin-Product, X-App-Language, X-App-OsType, X-App-DeviceId, X-App-DistinctId, X-App-VersionName, X-App-Channel, X-App-Platform, Paypal-Client-Metadata-Id
GET H3	200	/ www.facebook.com/tr/	0 16 B	10ms 4ms	Image text/plain	157.240.8.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2068579210570479&ev=PageView&dl=https%3A%2F%2Fmkt.zrgnovel.com%2Fdreame%2Fadlanding%2F9%2F4057464832%2F9424%2Ffb70479%2F202615154856499%3Futm_source%3Dfacebook_ads%26utm_campaign%3D%7B%7Bcampaign.name%7D%7D%26af_c_id%3D120237666444570453%26af_adset%3D%7B%7Badset.name%7D%7D%26af_adset_id%3D120237666445570453%26af_ad_id%3D%7B%7Bad.id%7D%7D%26af_ad%3D%7B%7Bad.name%7D%7D%26af_channel%3D%7B%7Bsite_source_name%7D%7D%26placement%3D%7B%7Bplacement%7D%7D%26px%3D2068579210570479%26random%3DMTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350&rl=&if=false&ts=1768680865587&sw=1600&sh=1200&cud[external_id]=%23%23%23*%23**%23*%23%23**%23%23%23*%23%23*%23%23%23%23*%23%23***%23%23&ncud[external_id]=%23%23%23*%23**%23*%23%23**%23%23%23*%23%23*%23%23%23%23*%23%23***%23%23&ud[external_id]=372c0cd9c42bf582b28b3365d92adf30&aud[external_id]=372c0cd9c42bf582b28b3365d92adf30&v=2.9.250&r=stable&ec=0&o=4126&fbp=fb.1.1768680865583.568258064871202548&ler=empty&cdl=API_unavailable&pmd[title]=Too%20Late%20To%20Miss%20Me%20%7C%20DreameShort&pmd[description]=A%20wonderland%20for%20all%20kinds%20of%20book%20lovers%3B%20Embrace%20a%20whole%20new%20world%20of%20gripping%20stories.&plt=358.79999923706055&it=1768680865478&coo=false&expv2[0]=pl1&expv2[1]=el3&expv2[2]=bc1&expv2[3]=mr2&expv2[4]=ct3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-syd2.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=5034, tp=10, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 17 Jan 2026 20:14:25 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 198 B	325ms 319ms	Image image/png	157.240.8.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2068579210570479&ev=PageView&dl=https%3A%2F%2Fmkt.zrgnovel.com%2Fdreame%2Fadlanding%2F9%2F4057464832%2F9424%2Ffb70479%2F202615154856499%3Futm_source%3Dfacebook_ads%26utm_campaign%3D%7B%7Bcampaign.name%7D%7D%26af_c_id%3D120237666444570453%26af_adset%3D%7B%7Badset.name%7D%7D%26af_adset_id%3D120237666445570453%26af_ad_id%3D%7B%7Bad.id%7D%7D%26af_ad%3D%7B%7Bad.name%7D%7D%26af_channel%3D%7B%7Bsite_source_name%7D%7D%26placement%3D%7B%7Bplacement%7D%7D%26px%3D2068579210570479%26random%3DMTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350&rl=&if=false&ts=1768680865587&sw=1600&sh=1200&cud[external_id]=%23%23%23*%23**%23*%23%23**%23%23%23*%23%23*%23%23%23%23*%23%23***%23%23&ncud[external_id]=%23%23%23*%23**%23*%23%23**%23%23%23*%23%23*%23%23%23%23*%23%23***%23%23&ud[external_id]=372c0cd9c42bf582b28b3365d92adf30&aud[external_id]=372c0cd9c42bf582b28b3365d92adf30&v=2.9.250&r=stable&ec=0&o=4126&fbp=fb.1.1768680865583.568258064871202548&ler=empty&cdl=API_unavailable&pmd[title]=Too%20Late%20To%20Miss%20Me%20%7C%20DreameShort&pmd[description]=A%20wonderland%20for%20all%20kinds%20of%20book%20lovers%3B%20Embrace%20a%20whole%20new%20world%20of%20gripping%20stories.&plt=358.79999923706055&it=1768680865478&coo=false&expv2[0]=pl1&expv2[1]=el3&expv2[2]=bc1&expv2[3]=mr2&expv2[4]=ct3&rqm=FGET Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-syd2.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-ffI9izJh' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *.instagram.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Referer https://mkt.zrgnovel.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7596426474270856349&cpp=C3&cv=1032139176&st=1768680865826"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 17 Jan 2026 20:14:25 GMT content-type image/png vary Accept-Encoding x-fb-debug A6IMqDNdzErJczRUBnkwssREHs8aUOTA6EjKArfuik7vYLwTm/Ge9M9PTzQF7Wpscg2gPWw685LPEhGBRAQtpA== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7596426474270856349&cpp=C3&cv=1032139176&st=1768680865826", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-ffI9izJh' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *.instagram.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=1, rtx=0, c=24, mss=1232, tbw=5402, tp=13, tpl=0, uplat=315, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self "https://www.fbsbx.com"), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top, include-js-call-stacks-in-crash-reports x-xss-protection 0 origin-agent-cluster ?1
OPTIONS H2	204	eventPush api.dreame.com/api/	0 0	387ms 387ms	Preflight	100.49.233.201 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.dreame.com/api/eventPush Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 100.49.233.201 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-49-233-201.compute-1.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://mkt.zrgnovel.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Bearer-Token, X-Origin-Product, X-App-Language, X-App-OsType, X-App-DeviceId, X-App-DistinctId, X-App-VersionName, X-App-Channel, X-App-Platform, Paypal-Client-Metadata-Id access-control-allow-methods POST,GET,PUT access-control-allow-origin https://mkt.zrgnovel.com date Sat, 17 Jan 2026 20:14:25 GMT server nginx
POST H3	200	fireperf:fetch Show response firebaseremoteconfig.googleapis.com/v1/projects/stary-web-page/namespaces/	1 KB 500 B	144ms 143ms	Fetch application/json	142.250.195.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebaseremoteconfig.googleapis.com/v1/projects/stary-web-page/namespaces/fireperf:fetch?key=AIzaSyCa5h90UFcwx9JG3Qq-JyvGejQB1nGEotQ Requested by Host: assets.dreame.com URL: https://assets.dreame.com/dreame/file/staticLandingCommonScript.1.js?ts=1767628136400 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.195.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS tzsyda-ad-in-f10.1e100.net Software ESF / Resource Hash 097a10e1341f8f9deb21da3ebb919e6a55a686cf6acafbeaa789ad00606d96ef Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Authorization FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6MjQ5MjU2MjAyNzY0OndlYjoyYzk5NmYwZDk5ZjNmOTdiZDA1NDI5IiwiZXhwIjoxNzY5Mjg1NjY2LCJmaWQiOiJkeFo4YWFldzJPQVlGZC10TThiTV9fIiwicHJvamVjdE51bWJlciI6MjQ5MjU2MjAyNzY0fQ.AB2LPV8wRgIhAPxdQFvhXA7Nrck2mrY5P_2WPc3oqx5NuZ6DqU-D6NRkAiEArXizAHvD_zsMrtTHJRI5hPAVuAdxoUfsGch-DM7Al58 Referer https://mkt.zrgnovel.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-expose-headers etag,vary,vary,vary,content-encoding,date,server,content-length content-encoding gzip etag etag-stary-web-page-fireperf-fetch--1738851743 x-content-type-options nosniff access-control-allow-origin https://mkt.zrgnovel.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 477 date Sat, 17 Jan 2026 20:14:26 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 vary Origin, X-Origin, Referer server ESF x-frame-options SAMEORIGIN
OPTIONS H2	200	fireperf:fetch firebaseremoteconfig.googleapis.com/v1/projects/stary-web-page/namespaces/	0 0	136ms 135ms	Preflight text/html	142.250.195.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebaseremoteconfig.googleapis.com/v1/projects/stary-web-page/namespaces/fireperf:fetch?key=AIzaSyCa5h90UFcwx9JG3Qq-JyvGejQB1nGEotQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 142.250.195.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS tzsyda-ad-in-f10.1e100.net Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method POST Origin https://mkt.zrgnovel.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Response headers access-control-allow-headers authorization access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://mkt.zrgnovel.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Sat, 17 Jan 2026 20:14:26 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

af

URL

dreameshort://af?af_js_web=true&is_retargeting=true&deep_link_value=dreameshort%3A%2F%2Fdreameshort.com%2Fplayer%3FbookId%3D1375%26jumpType%3D2001%26source%3DdeepLinks%26testGroup%3DBOTTOM_PLAY%26dubType%3Ddefvid&af_sub3=2068579210570479&ldy_ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F144.0.0.0+Safari%2F537.36&deep_link_sub1=media_source%253Dfacebook_ads%2526campaign%253D%25257B%25257Bcampaign.name%25257D%25257D%2526af_adset%253D%25257B%25257Badset.name%25257D%25257D%2526af_sub1%253D%2526af_sub2%253Dundefined%2526af_sub3%253D2068579210570479%2526af_sub4%253Dundefined&s2s=true&ldy_type=landing&cts=1768680864&product=56&timezone=Australia%2FPerth&af_c_id=120237666444570453&af_adset=%7B%7Badset.name%7D%7D&af_adset_id=120237666445570453&af_ad_id=%7B%7Bad.id%7D%7D&af_ad=%7B%7Bad.name%7D%7D&af_channel=%7B%7Bsite_source_name%7D%7D&placement=%7B%7Bplacement%7D%7D&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350&lp_url=https%3A%2F%2Fmkt.zrgnovel.com%2Fdreame%2Fadlanding%2F9%2F4057464832%2F9424%2Ffb70479%2F202615154856499&media_source=facebook_ads&campaign=%7B%7Bcampaign.name%7D%7D

375 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

function| setPageFontsize function| Zepto function| $ function| HuntClipboard object| FingerprintJS function| fbq function| _fbq object| JSON3 object| SensorsDataWebJSSDKPlugin object| sensorsDataAnalytic201505 object| params object| sensors object| config number| wap_pid function| sensorsdata_app_call_js function| sensorsdata_app_js_bridge_call_js object| OnelinkScript object| platform object| pageData function| _0x521b03 function| _0x4aa7 object| e object| t object| n object| r object| a function| o function| s function| c function| u function| f function| p function| d function| h function| v function| m function| g function| _0x5c1d function| y function| b function| w function| _ function| k function| I function| S function| E function| T function| C function| x function| D function| A function| O function| L object| P function| j object| M number| N object| R function| B function| U function| F function| V function| q function| z function| W function| J function| G function| K function| Q function| Z object| X function| Y function| ee object| te function| ne function| re object| ae function| ie function| oe function| se function| ce function| ue function| le function| fe function| pe function| de function| he function| ve object| me function| ge function| ye function| be string| we function| _e object| ke function| Ie object| Se object| Ee object| Te number| Ce object| xe function| De function| Ae function| Oe object| Le object| Pe object| je object| Me object| Ne object| Re function| Be function| Ue function| Fe function| Ve function| $e object| He object| qe object| ze function| We function| Je string| Ge string| Ke object| Qe string| Ze object| Xe object| Ye object| et object| tt function| nt function| rt function| at object| it object| ot function| st function| ct function| ut string| lt number| ft string| pt object| dt function| ht function| vt function| mt function| gt function| yt function| bt number| wt function| _t function| kt function| It function| Et function| Tt function| Ct object| Dt function| At function| Ot function| Lt function| Pt number| jt function| Mt function| Nt function| Rt function| Bt function| Ut function| Ft function| Vt function| $t number| Ht function| qt function| zt function| Wt function| Jt function| Gt function| Kt object| Qt object| Zt function| Xt number| en function| nn function| rn function| an object| on object| sn object| un function| ln function| fn object| pn function| dn object| hn object| vn object| gn object| yn number| bn function| wn function| _n function| kn function| In function| Sn object| En object| Tn function| Cn string| xn string| Dn number| An string| On string| Ln string| Pn number| jn object| Mn object| Nn function| Rn function| Bn function| Un function| Fn function| Vn function| $n function| Hn function| qn function| zn function| Wn function| Jn function| Gn object| Kn function| Zn function| Xn object| Yn function| er function| tr string| rr number| ar string| ir object| or function| sr function| cr function| ur function| lr function| fr function| pr function| dr function| hr function| vr function| mr function| gr function| yr function| br function| wr function| _r function| kr function| Ir function| Sr function| Er function| Tr function| Cr function| xr function| Dr function| Ar function| Or function| Lr function| Pr function| jr function| Mr function| Nr function| Rr function| Br function| Ur function| Fr string| Vr string| $r function| Hr function| qr object| zr object| Wr string| Jr string| Gr string| Kr string| Qr string| Zr string| Xr string| Yr string| ea string| ta string| na string| ra string| aa string| ia object| oa object| sa object| ca string| ua object| la function| fa function| pa function| da object| ha function| va object| ma object| ga number| ya number| ba function| wa function| _a function| ka function| Ia string| Sa object| Ea string| Ta function| Ca string| xa function| Da function| Aa object| Oa number| La function| Pa function| ja number| Na number| Ra number| Ba number| Ua number| Fa object| Va boolean| $a function| Ha function| qa function| za function| Wa function| Ja function| Ga function| Ka function| Qa function| Za function| Xa number| Ya string| ei object| ti function| ri object| ai function| oi function| si function| ci function| ui function| li object| fi number| pi function| wi string| _i object| Si string| Ti object| Ci function| xi function| Ai number| Oi number| Li function| Pi string| ji number| Mi object| Ni function| Ri function| Bi function| Ui function| Fi string| Vi object| $i string| Hi number| qi function| zi function| Wi function| Ji function| Gi function| Ki function| Qi function| ttqTrack function| jump function| writeCBWehear function| getASLink function| jumpFunc

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.zrgnovel.com/	1970-01-21 11:19:11	Name: sajssdk_2015_cross_new_user Value: 1
			.zrgnovel.com/	1970-01-21 20:54:00	Name: sensorsdata2015jssdkcross Value: %7B%22distinct_id%22%3A%2219bcd983a416f5-030b72b0d8e14ee-13462c69-1920000-19bcd983a4233a%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22%E4%BB%98%E8%B4%B9%E5%B9%BF%E5%91%8A%E6%B5%81%E9%87%8F%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%2C%22%24latest_utm_source%22%3A%22facebook_ads%22%2C%22%24latest_utm_campaign%22%3A%22%7B%7Bcampaign.name%7D%7D%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTliY2Q5ODNhNDE2ZjUtMDMwYjcyYjBkOGUxNGVlLTEzNDYyYzY5LTE5MjAwMDAtMTliY2Q5ODNhNDIzM2EifQ%3D%3D%22%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2219bcd983a416f5-030b72b0d8e14ee-13462c69-1920000-19bcd983a4233a%22%7D
			.zrgnovel.com/	1970-01-21 13:27:36	Name: _fbp Value: fb.1.1768680865583.568258064871202548

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0101900A4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0605100A4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
other	error	URL: https://mkt.zrgnovel.com/dreame/adlanding/9/4057464832/9424/fb70479/202615154856499?utm_source=facebook_ads&utm_campaign={{campaign.name}}&af_c_id=120237666444570453&af_adset={{adset.name}}&af_adset_id=120237666445570453&af_ad_id={{ad.id}}&af_ad={{ad.name}}&af_channel={{site_source_name}}&placement={{placement}}&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350 Message: Not allowed to launch 'dreameshort://af?af_js_web=true&is_retargeting=true&deep_link_value=dreameshort%3A%2F%2Fdreameshort.com%2Fplayer%3FbookId%3D1375%26jumpType%3D2001%26source%3DdeepLinks%26testGroup%3DBOTTOM_PLAY%26dubType%3Ddefvid&af_sub3=2068579210570479&ldy_ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F144.0.0.0+Safari%2F537.36&deep_link_sub1=media_source%253Dfacebook_ads%2526campaign%253D%25257B%25257Bcampaign.name%25257D%25257D%2526af_adset%253D%25257B%25257Badset.name%25257D%25257D%2526af_sub1%253D%2526af_sub2%253Dundefined%2526af_sub3%253D2068579210570479%2526af_sub4%253Dundefined&s2s=true&ldy_type=landing&cts=1768680864&product=56&timezone=Australia%2FPerth&af_c_id=120237666444570453&af_adset=%7B%7Badset.name%7D%7D&af_adset_id=120237666445570453&af_ad_id=%7B%7Bad.id%7D%7D&af_ad=%7B%7Bad.name%7D%7D&af_channel=%7B%7Bsite_source_name%7D%7D&placement=%7B%7Bplacement%7D%7D&px=2068579210570479&random=MTIwMjM3NjY2NDQ0NTcwNDUz1768568909766350&lp_url=https%3A%2F%2Fmkt.zrgnovel.com%2Fdreame%2Fadlanding%2F9%2F4057464832%2F9424%2Ffb70479%2F202615154856499&media_source=facebook_ads&campaign=%7B%7Bcampaign.name%7D%7D' because a user gesture is required.