showdream.org Open in urlscan Pro
77.87.193.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://showdream.org/
Effective URL:
https://showdream.org/
Submission: On March 10 via api (March 10th 2023, 8:43:29 am UTC) from US — Scanned from DE

Summary HTTP 129 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 20 domains to perform 129 HTTP transactions. The main IP is 77.87.193.121, located in Ukraine and belongs to MIROHOST, UA. The main domain is showdream.org.
TLS certificate: Issued by R3 on January 12th 2023. Valid for: 3 months.

This is the only time showdream.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 40	77.87.193.121 77.87.193.121	25393 (MIROHOST) (MIROHOST)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	212.124.125.229 212.124.125.229	47328 (TRI-AS Tr...) (TRI-AS True Records Inc.)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
8	136.243.84.75 136.243.84.75	24940 (HETZNER-AS) (HETZNER-AS)
6	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
7	159.69.174.226 159.69.174.226	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	159.69.174.229 159.69.174.229	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2404:6800:400... 2404:6800:4003:c03::78	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:4c::6	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
129	29

40 77.87.193.121 (Ukraine) 1 redirects

ASN25393 (MIROHOST, UA)
PTR: vs664.mirohost.net

showdream.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.124.125.229 (Reston, United States)

ASN47328 (TRI-AS True Records Inc., VG)

aj1616.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 136.243.84.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de

go.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st11.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 159.69.174.226 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.226.174.69.159.clients.your-server.de

ua.redtram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.redtram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.69.174.229 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.229.174.69.159.clients.your-server.de

fixidle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c03::78 (Singapore)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:4c::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5e6nzs.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	showdream.org 1 redirects showdream.org	2 MB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 134	275 KB
12	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	170 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	134 KB
8	rcvlink.com go.rcvlink.com — Cisco Umbrella Rank: 60128 st11.rcvlink.com — Cisco Umbrella Rank: 76967	63 KB
7	redtram.com ua.redtram.com — Cisco Umbrella Rank: 699302 img.redtram.com — Cisco Umbrella Rank: 627413	47 KB
6	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 10012	9 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 386 mug.criteo.com — Cisco Umbrella Rank: 2753	7 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	fixidle.com fixidle.com — Cisco Umbrella Rank: 274859	8 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	40 KB
3	aj1616.online aj1616.online	15 KB
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3824 r1---sn-4g5e6nzs.gvt1.com — Cisco Umbrella Rank: 894161	670 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8720	696 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	2 KB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 384	32 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 629	13 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	605 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	44 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	27 KB
129	20

	Domain	Requested by
40	showdream.org	1 redirects showdream.org
9	tpc.googlesyndication.com	b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
9	pagead2.googlesyndication.com	showdream.org pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com showdream.org
6	ua.redtram.com	showdream.org ua.redtram.com
6	a4p.adpartner.pro	showdream.org a4p.adpartner.pro
5	csi.gstatic.com	www.gstatic.com
5	go.rcvlink.com	showdream.org go.rcvlink.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
3	www.gstatic.com	b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
3	st11.rcvlink.com	showdream.org
3	fixidle.com	ua.redtram.com fixidle.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com a4p.adpartner.pro
3	fonts.gstatic.com	fonts.googleapis.com
3	aj1616.online	showdream.org aj1616.online
2	gum.criteo.com	1 redirects static.criteo.net
2	b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	fonts.googleapis.com	showdream.org b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	mug.criteo.com	showdream.org
1	r1---sn-4g5e6nzs.gvt1.com	b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
1	redirector.gvt1.com	1 redirects
1	cdn.ampproject.org	b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	img.redtram.com	showdream.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	showdream.org
1	www.googletagservices.com	showdream.org
129	31

This site contains links to these domains. Also see Links.

Domain
client.redtram.com
ua.redtram.com

Subject Issuer	Validity	Valid
showdream.org R3	`2023-01-12` - `2023-04-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
aj1616.online R3	`2023-01-29` - `2023-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.rcvlink.com Thawte RSA CA 2018	`2022-09-25` - `2023-10-01`	a year	crt.sh
adpartner.pro R3	`2023-02-24` - `2023-05-25`	3 months	crt.sh
*.redtram.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-14`	a year	crt.sh
fixidle.com R3	`2023-03-04` - `2023-06-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://showdream.org/
Frame ID: 557FAF672038D7BDDE23C80A2069EDAD
Requests: 83 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/main.js
Frame ID: D9EAD3E6E6B974C51C65E748DA8A8452
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html
Frame ID: 1379D45284A09C5BF58B413068EB30CF
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=df9ce17d-0ef9-4743-b295-98fcedd2b13e&site_visited=1&location=https%3A%2F%2Fshowdream.org%2F&referer=
Frame ID: 25DDE27632C50AF63A86193939ABCCBB
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=3671&bannerNum=65223319401039336&apuid=cfd692e1-a233-4a5e-a6dc-f369289e7eed&session_pageview=1&session_id=df9ce17d-0ef9-4743-b295-98fcedd2b13e&site_visited=1&location=https%3A%2F%2Fshowdream.org%2F
Frame ID: FF77BFE346D2F449721AA4F2D62E6E5E
Requests: 3 HTTP requests in this frame

Frame: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2416F1FA3FD2A75525B741CC05E93A17
Requests: 1 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/iframe.htm
Frame ID: 71DE975F981D3D975DC04F9B5E23AEB6
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3687089522093229&output=html&adk=1812271804&adf=1573534164&lmt=1678437803&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fshowdream.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678437803531&bpp=5&bdt=372&idt=271&shv=r20230308&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7261039949032&frm=20&pv=2&ga_vid=1981130495.1678437804&ga_sid=1678437804&ga_hid=2100610580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777876%2C44759927%2C44759876%2C31071870%2C31071260&oid=2&pvsid=2555783015235800&tmod=1394523612&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=297
Frame ID: 960D7FD9C19771697A1E93125FE8EAA5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3687089522093229&output=html&h=400&slotname=7158806150&adk=383544240&adf=2894711699&pi=t.ma~as.7158806150&w=240&lmt=1678437803&format=240x400&url=https%3A%2F%2Fshowdream.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678437803536&bpp=1&bdt=377&idt=304&shv=r20230308&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7261039949032&frm=20&pv=1&ga_vid=1981130495.1678437804&ga_sid=1678437804&ga_hid=2100610580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777876%2C44759927%2C44759876%2C31071870%2C31071260&oid=2&pvsid=2555783015235800&tmod=1394523612&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=n1K4LlkRHZ&p=https%3A//showdream.org&dtd=313
Frame ID: DD5BDAFABEEA8B4C6304A48137828EBE
Requests: 1 HTTP requests in this frame

Frame: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DD12C64C8AAD194C5F93431E37625A44
Requests: 26 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=showdream.org
Frame ID: DB6C7DEC78D5BE0680CB7F6FC0B881C9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B14DE66A26563FCDAB56DC8607041EDF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 18770629E70922CB24FC3EEFC9F4688B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Звезды, стиль и здоровье

Page URL History Show full URLs

http://showdream.org/ HTTP 301
https://showdream.org/ Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

129
Requests

97 %
HTTPS

76 %
IPv6

20
Domains

31
Subdomains

29
IPs

6
Countries

3701 kB
Transfer

5232 kB
Size

18
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://client.redtram.com/uk/systema-prosuvannya-publikacij/?ref_id=33899

Search URL Search Domain Scan URL

URL: https://ua.redtram.com/cp/613396153/n4p/41262/?q=0780707c95f6d4bdc5d50a85ef34a58203cf8e9283a1a52021ddeb38a05c94c8&tmload=1678437803&pos=1&ref=https%253A%252F%252Fshowdream.org%252F&ref2=&rtuid=8e18d3057377ef84848ffb0b0c4e727c

Search URL Search Domain Scan URL

URL: https://ua.redtram.com/cp/613486658/n4p/41262/?q=0780707c95f6d4bdc5d50a85ef34a58203cf8e9283a1a52021ddeb38a05c94c8&tmload=1678437803&pos=2&ref=https%253A%252F%252Fshowdream.org%252F&ref2=&rtuid=8e18d3057377ef84848ffb0b0c4e727c

Search URL Search Domain Scan URL

URL: https://ua.redtram.com/cp/613440320/n4p/41262/?q=0780707c95f6d4bdc5d50a85ef34a58203cf8e9283a1a52021ddeb38a05c94c8&tmload=1678437803&pos=3&ref=https%253A%252F%252Fshowdream.org%252F&ref2=&rtuid=8e18d3057377ef84848ffb0b0c4e727c

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://showdream.org/ HTTP 301
https://showdream.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://redirector.gvt1.com/videoplayback?id=0dc4516a74485ee0&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1678445003&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=16359202307F52885CF66970E513CFB993A539E4.1F64203C86A1D32F2B1870ADCCB72BE32E7E8AEE&key=ck2 HTTP 302
https://r1---sn-4g5e6nzs.gvt1.com/videoplayback?id=0dc4516a74485ee0&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1678445003&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=43882EAE9B263AA65B127FDAC081EDABA6BB421A.0EF27ED4F21B16F82B8B2F10606B3ACF8ADC94C9&key=cms1&cms_redirect=yes&mh=i9&mip=2001:ac8:20:3c00:1012:eae6:3ba1:f962&mm=28&mn=sn-4g5e6nzs&ms=nvh&mt=1678437622&mv=m&mvi=1&pl=50

Request Chain 111

https://gum.criteo.com/sid/json?origin=publishertagids&domain=showdream.org&sn=ChromeSyncframe&so=0&topUrl=showdream.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=o5BLG3w4c3RCcWY0VEt6a3QxTTAzMjZsMVBVdytNTTFYT2ROU0xUWkhoNEY0QWZzN21EZ2w2YmJ6NXFPbW1GNGtxL1hUTVNSZHgxbjFWdkZwanFMalc2RVZuVk8yZktld0I2WnljM0QrZFR5alpVdGxpY0pvdVd1VzJadkZnOVljUHRTTjBGV3NoRkhmZFFOelVFb0VWT3pyYzVJRlJwaVRHVWFNKzRnUzVpdmhxUnZzMzF6U0J4ZFAwME5LWlp4Ny9ydXNMd0hmZ3NpME9sSWNQclp3bldob1NpY29SWkg1ZENhM2ZjT2hmVUNnbmtaZ2p4UzhnU3RVVk5tM0htQ1B0Nnh2UExDNFptQlNKTGd6MmZNNkFxaU51cFJJNzd3ZUU3cXIyUHN4RVA2TWJncz18&cppv=2

129 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
showdream.org/
Redirect Chain

http://showdream.org/
https://showdream.org/

43 KB
10 KB

416ms
337ms

Document
text/html

77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://showdream.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),

Reverse DNS

vs664.mirohost.net

Software

nginx /

Resource Hash

589c37f3dcde1eb5e8fb138c3eeacb24217679ae02d3dd3ce10f0ee909e1d45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 9856
content-type: text/html; charset=utf-8
date: Fri, 10 Mar 2023 08:43:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
front-end-https: on
pragma: no-cache
server: nginx
strict-transport-security: max-age=300;
vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 Mar 2023 08:43:22 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://showdream.org/
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 index.php Show response
showdream.org/engine/classes/min/ 206 KB
61 KB 78ms
77ms Script
application/x-javascript 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://showdream.org/engine/classes/min/index.php?charset=utf-8&g=general&v=22

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),

Reverse DNS

vs664.mirohost.net

Software

nginx /

Resource Hash

e25cac6f60a3bbe662d321d307e26c831c89217c10973605c66c9715b610575b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
strict-transport-security: max-age=300;
last-modified: Wed, 02 Mar 2022 07:39:42 GMT
server: nginx
etag: "pub1646206782;gz"
vary: Accept-Encoding
front-end-https: on
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
content-length: 62377
expires: Sat, 09 Mar 2024 08:43:23 GMT

GET
H2 200 style.css
showdream.org/templates/Freestyle/css/ 104 KB
30 KB 42ms
41ms Stylesheet
text/css 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://showdream.org/templates/Freestyle/css/style.css
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 381780fe4b266a90b982e15fe667537ebd1d0dda136af96ab3b22171877a6b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 19:42:54 GMT
server: nginx
etag: W/"62faa1be-1a05b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Tue, 21 Mar 2023 08:43:23 GMT

GET
H2 200 rwdgrid.css
showdream.org/templates/Freestyle/css/ 22 KB
5 KB 76ms
76ms Stylesheet
text/css 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://showdream.org/templates/Freestyle/css/rwdgrid.css
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 017d7aa39aab0f9a54071181ea666f0acb37fbd568333dbccbbbbe5cf9c00413

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 07:40:05 GMT
server: nginx
etag: W/"621f1f55-5628"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Tue, 21 Mar 2023 08:43:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
954 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Vollkorn

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1ac2a15d8cde0a9d51c87a83edf6c77e1260aa1d6b05022aeca1b900688a51c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 08:41:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 08:43:23 GMT

GET
H2 200 social-likes_birman.css
showdream.org/templates/Freestyle/css/ 13 KB
5 KB 77ms
76ms Stylesheet
text/css 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://showdream.org/templates/Freestyle/css/social-likes_birman.css
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 183fb83835ba2925e8c4ce9831cbd632dfbf121b12face805ee227ecd71e5602

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 07:40:05 GMT
server: nginx
etag: W/"621f1f55-35bb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Tue, 21 Mar 2023 08:43:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 101ms
71ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04db99a3bd1ba4fa06c1cccb0033b47e7ec69fe0c61b84b84a746e084e3c20a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48466
x-xss-protection: 0
server: cafe
etag: 11133283522247042820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 08:43:23 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 48ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8df11986771754af178fba4f59b6d15d08d86008e48d58a30a3b51aa9a748a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27424
x-xss-protection: 0
server: sffe
etag: "1506 / 236 of 1000 / last-modified: 1678403375"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Mar 2023 08:43:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 50ms
20ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-123084842-1

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27a1b39b94c3fe2a49fda43f7655c1bd747b8b30c66a5a137a8d093f78dd8570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44784
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Mar 2023 08:43:23 GMT

GET
H/1.1 200 8eb939b7.js Show response
aj1616.online/ 36 KB
13 KB 2603ms
1924ms Script
application/javascript 212.124.125.229
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1616.online/8eb939b7.js
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.125.229 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software: /
Resource Hash: 20047a80dc11dab8fc3d86e70bc30318f33f4a4c05aee820f7232449c1284c10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:25 GMT
content-encoding: gzip
accept-ranges: bytes
etag: "03a7a49d63669f3046d1c44de1de0c3b3"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 spacer.gif
showdream.org/templates/Freestyle/images/ 43 B
258 B 44ms
34ms Image
image/gif 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/templates/Freestyle/images/spacer.gif
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 02 Mar 2022 07:40:11 GMT
server: nginx
etag: "621f1f5b-2b"
content-type: image/gif
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678371449_101f196b5162d8639497f30ab314061c_resize_crop_1xquality_100xallow_enlarge_0xw_0xh_0.jpg
showdream.org/uploads/posts/2023-03/ 53 KB
53 KB 44ms
35ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/1678371449_101f196b5162d8639497f30ab314061c_resize_crop_1xquality_100xallow_enlarge_0xw_0xh_0.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 9c496c4d2503c92e4850380e3016629f664c5fb78e3771fb7a2f3cd16ed7595b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Thu, 09 Mar 2023 14:17:03 GMT
server: nginx
etag: "6409ea5f-d2e3"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 53987
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678265700_screenshot_1.jpg
showdream.org/uploads/posts/2023-03/medium/ 62 KB
62 KB 45ms
36ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678265700_screenshot_1.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: db20165c3ba6b7b2abab5bcc04b5319619f88c844196a8227d7c7fb0796d9a93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 08 Mar 2023 08:54:43 GMT
server: nginx
etag: "64084d53-f7f8"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 63480
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678177485_7191ea69040e57ca9b26ac261b9dc5fb.jpeg
showdream.org/uploads/posts/2023-03/medium/ 80 KB
81 KB 78ms
68ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678177485_7191ea69040e57ca9b26ac261b9dc5fb.jpeg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 9b95b9418a1ba3e1b55e8a09cbbd87f006ad8013717728cb7223e0b27320fa68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Tue, 07 Mar 2023 08:23:21 GMT
server: nginx
etag: "6406f479-141d2"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 82386
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678343986_km-beysnger-vrazila-shanuvalnikv-oblichchyam-pslya-plastichnih-operacy.jpg
showdream.org/uploads/posts/2023-03/ 59 KB
60 KB 78ms
69ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/1678343986_km-beysnger-vrazila-shanuvalnikv-oblichchyam-pslya-plastichnih-operacy.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 18c317eae10207aa15d489b44b620a31e2bda771f0a2dde16864f92b6ada2da1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Thu, 09 Mar 2023 06:38:58 GMT
server: nginx
etag: "64097f02-ecf5"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 60661
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678370722_screenshot_1.jpg
showdream.org/uploads/posts/2023-03/medium/ 98 KB
98 KB 79ms
70ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678370722_screenshot_1.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 58b598792cfb87d152f7db4857f2a0e88866d5054c8405d87b6ee801b88e95ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Thu, 09 Mar 2023 14:04:53 GMT
server: nginx
etag: "6409e785-187c7"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 100295
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678368986_7d756257f9c5e187e781d1298289901f-quality_75xresize_crop_1xallow_enlarge_0xw_790xh_445.jpg
showdream.org/uploads/posts/2023-03/ 66 KB
67 KB 79ms
70ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/1678368986_7d756257f9c5e187e781d1298289901f-quality_75xresize_crop_1xallow_enlarge_0xw_790xh_445.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 1953b10ead91811364b97a444cc5c595220229a1a86087d5929dbc61e361013a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Thu, 09 Mar 2023 13:35:30 GMT
server: nginx
etag: "6409e0a2-1093e"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 67902
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678368121_9bd00d0f641aa87e45a9b02726ccf584.jpeg
showdream.org/uploads/posts/2023-03/medium/ 159 KB
160 KB 79ms
71ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678368121_9bd00d0f641aa87e45a9b02726ccf584.jpeg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: f40d3c141e4a8113c2776b8bf925b29bf0daf540bb0dbb7ea28a717dd4a8cf55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Thu, 09 Mar 2023 13:21:09 GMT
server: nginx
etag: "6409dd45-27cb9"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 163001
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678367681_9e63e29-5.jpg
showdream.org/uploads/posts/2023-03/medium/ 98 KB
98 KB 80ms
71ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678367681_9e63e29-5.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 2181bde0d0ed400534486395bcc401c374656f09dab4fe16b2e3531ac896a6d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Thu, 09 Mar 2023 13:13:09 GMT
server: nginx
etag: "6409db65-18675"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 99957
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 banner_728x90.jpg
showdream.org/templates/Freestyle/images/ 89 KB
89 KB 80ms
72ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/templates/Freestyle/images/banner_728x90.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: a42ec0e5c749102a8f66568ffa8846cc0c4af899195489b2753d80776a53e84c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 02 Mar 2022 07:40:10 GMT
server: nginx
etag: "621f1f5a-16309"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 90889
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678370030_golubtsy-z-kvashenou-kapystou-ta-rebramy_sitewebukr-img-1000x600.jpg
showdream.org/uploads/posts/2023-03/medium/ 176 KB
176 KB 80ms
72ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678370030_golubtsy-z-kvashenou-kapystou-ta-rebramy_sitewebukr-img-1000x600.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 40dad8b56608c7e91a10a599a7b22a954339ed9dd4a9195741757fca634a9daa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Thu, 09 Mar 2023 13:53:17 GMT
server: nginx
etag: "6409e4cd-2bed0"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 179920
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678369619_screenshot_1.jpg
showdream.org/uploads/posts/2023-03/medium/ 52 KB
52 KB 81ms
73ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678369619_screenshot_1.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 8edab311c99898f1718491231cd0000c52dbdd92b1b80a6baa5b4a4130babf75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Thu, 09 Mar 2023 13:46:25 GMT
server: nginx
etag: "6409e331-d002"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 53250
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678365820_sup-z-frikadelkami-abo-italiyskiy-vesilniy-sup_siteweb-kopiya.jpg
showdream.org/uploads/posts/2023-03/medium/ 122 KB
122 KB 81ms
73ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678365820_sup-z-frikadelkami-abo-italiyskiy-vesilniy-sup_siteweb-kopiya.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: a0c416e5579262673c946bc41fc39df46b36e90642b9bc2f09ac18edac22b65c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Thu, 09 Mar 2023 12:42:40 GMT
server: nginx
etag: "6409d440-1e736"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 124726
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678364457_bograch_sitewebukr.jpg
showdream.org/uploads/posts/2023-03/medium/ 146 KB
147 KB 81ms
74ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678364457_bograch_sitewebukr.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 708580a8c7f8267e45b116ee0ef38a07770928701c5876c14627a7505bca16e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Thu, 09 Mar 2023 12:20:48 GMT
server: nginx
etag: "6409cf20-248f6"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 149750
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678363506_barenchyk_sitewebukr-1000x600.jpg
showdream.org/uploads/posts/2023-03/medium/ 114 KB
114 KB 82ms
74ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678363506_barenchyk_sitewebukr-1000x600.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: a8dc672ce8df944431ffd007323a891816e279b61863f8157076d3565463992a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Thu, 09 Mar 2023 12:03:26 GMT
server: nginx
etag: "6409cb0e-1c69f"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 116383
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678261801_kartoplyan-zrazi-z-yaycem.jpg
showdream.org/uploads/posts/2023-03/ 90 KB
90 KB 82ms
74ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/1678261801_kartoplyan-zrazi-z-yaycem.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: f3fed9bb3bbd71930a3b962ae437b38150f5eb771983282a61bda84b44d053f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 08 Mar 2023 07:49:16 GMT
server: nginx
etag: "64083dfc-16883"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 92291
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678265004_screenshot_2.jpg
showdream.org/uploads/posts/2023-03/medium/ 105 KB
105 KB 82ms
75ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678265004_screenshot_2.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 8da569a24b06c64a9903d50ffc8f11b452dc57f35df3abc4b04207fdab8d516d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 08 Mar 2023 08:42:23 GMT
server: nginx
etag: "64084a6f-1a41c"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 107548
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678264372_screenshot_1.jpg
showdream.org/uploads/posts/2023-03/medium/ 51 KB
51 KB 82ms
75ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678264372_screenshot_1.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 888fb427bd087d60ad91635c1de8c83debb566c0a37dc64460e6359d5d4d6cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 08 Mar 2023 08:32:16 GMT
server: nginx
etag: "64084810-cb2f"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 52015
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678257571_screenshot_1.jpg
showdream.org/uploads/posts/2023-03/medium/ 106 KB
106 KB 82ms
75ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678257571_screenshot_1.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 1584393a95874e40c5c6ef28c4a98d25727033d4f0087db2955906d973411f99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 08 Mar 2023 06:38:47 GMT
server: nginx
etag: "64082d77-1a683"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 108163
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 1678256254_solyanka-z-grybamy_sitewebukr-img-1004x600.jpg
showdream.org/uploads/posts/2023-03/medium/ 154 KB
154 KB 82ms
76ms Image
image/jpeg 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/uploads/posts/2023-03/medium/1678256254_solyanka-z-grybamy_sitewebukr-img-1004x600.jpg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: be1372e3426a60d187f932233c686b1b1e5b940b614a82d8c666ed2a7e486b68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 08 Mar 2023 06:16:06 GMT
server: nginx
etag: "64082826-26616"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 157206
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 fb_group.png
showdream.org/templates/Freestyle/images/ 59 KB
59 KB 82ms
76ms Image
image/png 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/templates/Freestyle/images/fb_group.png
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 679be6469abfd055f5881af5a1284bf1422701440d7e614d18b2d62a88bc5dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 02 Mar 2022 07:40:09 GMT
server: nginx
etag: "621f1f59-ea24"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 59940
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 mobilyslider.js Show response
showdream.org/templates/Freestyle/js/ 4 KB
2 KB 35ms
35ms Script
application/javascript 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://showdream.org/templates/Freestyle/js/mobilyslider.js
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: d9d33b7e51f8cfa4d050016f3022d22a5be259e7bf25f1c9a648a429bd18fe46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 07:40:12 GMT
server: nginx
etag: W/"621f1f5c-11e4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Tue, 21 Mar 2023 08:43:23 GMT

GET
H2 200 libs.js Show response
showdream.org/templates/Freestyle/js/ 3 KB
1 KB 35ms
35ms Script
application/javascript 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://showdream.org/templates/Freestyle/js/libs.js
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 03ac33d450c2a330a7dff7d63438023d0b4f3c80c1f1e77d8c9b192c3c46a2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 07:40:12 GMT
server: nginx
etag: W/"621f1f5c-ba5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Tue, 21 Mar 2023 08:43:23 GMT

GET
H2 200 jquery.backstretch.min.js Show response
showdream.org/templates/Freestyle/js/ 4 KB
2 KB 44ms
44ms Script
application/javascript 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://showdream.org/templates/Freestyle/js/jquery.backstretch.min.js
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 579d9d9773858e863e7d802489f84b27b7f557b99900a3c6090a16ce8431ac45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 07:40:12 GMT
server: nginx
etag: W/"621f1f5c-1089"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Tue, 21 Mar 2023 08:43:23 GMT

GET
H2 200 social-likes.min.js Show response
showdream.org/templates/Freestyle/js/ 9 KB
4 KB 41ms
32ms Script
application/javascript 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://showdream.org/templates/Freestyle/js/social-likes.min.js
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: c37475a7a4f31878c57750adb6ab9ec24bb9a38249f18138ffb39136af5b6910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 07:40:13 GMT
server: nginx
etag: W/"621f1f5d-24f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Tue, 21 Mar 2023 08:43:23 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 head_brush.png
showdream.org/templates/Freestyle/images/ 2 KB
2 KB 122ms
121ms Image
image/png 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/templates/Freestyle/images/head_brush.png
Requested by: Host: showdream.org
URL: https://showdream.org/templates/Freestyle/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 27cbc622e66f9f919cf1b08bb2c708a309414fc67a679c86773a29dfbf3ed86b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/templates/Freestyle/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 02 Mar 2022 07:40:09 GMT
server: nginx
etag: "621f1f59-7aa"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 1962
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 logo.png
showdream.org/templates/Freestyle/images/ 22 KB
23 KB 122ms
121ms Image
image/png 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/templates/Freestyle/images/logo.png
Requested by: Host: showdream.org
URL: https://showdream.org/templates/Freestyle/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 35675bfca1d347d42655715d07a6b61158bf47624e44186964c430ba12296606

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/templates/Freestyle/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 02 Mar 2022 07:40:10 GMT
server: nginx
etag: "621f1f5a-5978"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 22904
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 login.png
showdream.org/templates/Freestyle/images/ 4 KB
4 KB 124ms
124ms Image
image/png 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/templates/Freestyle/images/login.png
Requested by: Host: showdream.org
URL: https://showdream.org/templates/Freestyle/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 72c2816f30885d5d1b5f3f122c57f9b19202addecc9bdbd95a7142872543c109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/templates/Freestyle/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 02 Mar 2022 07:40:10 GMT
server: nginx
etag: "621f1f5a-1041"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 4161
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 icons.png
showdream.org/templates/Freestyle/images/ 6 KB
6 KB 124ms
123ms Image
image/png 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/templates/Freestyle/images/icons.png
Requested by: Host: showdream.org
URL: https://showdream.org/templates/Freestyle/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 60ff38edd44be2c5efdac343e045aa05d3692f92e2ec65e6ef6e16249642c502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/templates/Freestyle/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 02 Mar 2022 07:40:09 GMT
server: nginx
etag: "621f1f59-176f"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 5999
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df2MHGeGmmcIbA.woff2
fonts.gstatic.com/s/vollkorn/v21/ 14 KB
14 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v21/0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df2MHGeGmmcIbA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d05cd1f2823eeff6349da10bbbb7b6da3ea56dedde5dfd8a0f7ca12c50c710da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://showdream.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:18:13 GMT
x-content-type-options: nosniff
age: 48310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 18:39:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 19:18:13 GMT

GET
H2 200 0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df2MHGeHmmc.woff2
fonts.gstatic.com/s/vollkorn/v21/ 22 KB
22 KB 26ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v21/0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df2MHGeHmmc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c03f89a4bb5ef2d874f5befdc386a59b0a25309e231979c51e06bd4fcece3fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://showdream.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:30:22 GMT
x-content-type-options: nosniff
age: 198781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22868
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 18:27:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 01:30:22 GMT

GET
H2 200 main.js Show response
go.rcvlink.com/static/ Frame D9EA 6 KB
3 KB 72ms
10ms Script
application/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/static/main.js
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: eb1c5e9e76ae38cd4e3bea5aea2200d12ebe71149eb964b183c5abbb30c3d647

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
last-modified: Sun, 05 Mar 2023 07:50:00 GMT
server: nginx
etag: W/"640449a8-1909"
content-type: application/javascript
cache-control: max-age=86400
expires: Sat, 11 Mar 2023 08:43:23 GMT

GET
H2 410 jsunit
a4p.adpartner.pro/ 0
0 107ms
28ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit?id=2422&ref=&0.9466019472920904
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
server: nginx
content-length: 19
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
ua.redtram.com/j/41262/ 22 KB
6 KB 65ms
12ms Script
application/javascript 159.69.174.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.redtram.com/j/41262/?v=1

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.69.174.226 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.226.174.69.159.clients.your-server.de

Software

nginx/1.18.0 /

Resource Hash

79f788b0f0397c273433048771a9ea793f12276ca69861e0c54972888ecf7a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 08 Feb 2023 14:45:03 GMT
server: nginx/1.18.0
etag: W/"63e3b56f-59a9"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
expires: Sat, 11 Mar 2023 08:43:23 GMT

GET
H2 404 play_icon_small.png
showdream.org/templates/Freestyle/images/ 196 B
196 B 120ms
119ms Image
text/html 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showdream.org/templates/Freestyle/images/play_icon_small.png

Requested by

Host: showdream.org
URL: https://showdream.org/templates/Freestyle/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),

Reverse DNS

vs664.mirohost.net

Software

nginx /

Resource Hash

80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Security Headers

Name	Value
Strict-Transport-Security	max-age=300;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/templates/Freestyle/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
strict-transport-security: max-age=300;
server: nginx
content-length: 196
content-type: text/html; charset=iso-8859-1

GET
H2 200 foot_brush.png
showdream.org/templates/Freestyle/images/ 32 KB
32 KB 191ms
190ms Image
image/png 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/templates/Freestyle/images/foot_brush.png
Requested by: Host: showdream.org
URL: https://showdream.org/templates/Freestyle/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: 7eabeb9d9678cddc9aab394df33b224bb0959a9301ab6ff41340d496241e2257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/templates/Freestyle/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 02 Mar 2022 07:40:09 GMT
server: nginx
etag: "621f1f59-80e9"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 33001
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 branding Show response
a4p.adpartner.pro/ 11 KB
3 KB 61ms
27ms Script
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding?id=3671&0.8268388769920201
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: d99dd45e1f7290cf7232d0bbae5d63bfc9fe28ee0f0c9adf0be7a5b491cab987

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: text/html; charset=utf-8

GET
H2 200 pubads_impl_2023030601.js Show response
securepubads.g.doubleclick.net/gpt/ 393 KB
133 KB 58ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

835c46f680eda60ae7a5ebe49e9a7c9187e98bdb7f859226cdee3a03f178c8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135664
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 09:35:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Mar 2024 19:22:22 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 70 B
600 B 90ms
41ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=showdream.org

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4517b85e15c8ced416975696710df85216a3bf009e543304f9ab3d4d62cf10a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58
x-xss-protection: 0
expires: Fri, 10 Mar 2023 08:43:23 GMT

GET
H2 200 sl_arrows.png
showdream.org/templates/Freestyle/images/ 3 KB
3 KB 131ms
130ms Image
image/png 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/templates/Freestyle/images/sl_arrows.png
Requested by: Host: showdream.org
URL: https://showdream.org/templates/Freestyle/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: cf8ae9e6fd43a036f0093a392034316bfb58e8e1d4c0930035726146b9fdb99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/templates/Freestyle/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 02 Mar 2022 07:40:11 GMT
server: nginx
etag: "621f1f5b-bbd"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 3005
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 adduser.png
showdream.org/templates/Freestyle/images/ 3 KB
3 KB 128ms
127ms Image
image/png 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/templates/Freestyle/images/adduser.png
Requested by: Host: showdream.org
URL: https://showdream.org/templates/Freestyle/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: bf0b9470f2e43fee2a6ec7add70df6983837101279d25efde83e2f1558660f72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/templates/Freestyle/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 02 Mar 2022 07:40:08 GMT
server: nginx
etag: "621f1f58-bca"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 3018
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 lock.png
showdream.org/templates/Freestyle/images/ 3 KB
3 KB 128ms
128ms Image
image/png 77.87.193.121
MIROHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://showdream.org/templates/Freestyle/images/lock.png
Requested by: Host: showdream.org
URL: https://showdream.org/templates/Freestyle/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.87.193.121 , Ukraine, ASN25393 (MIROHOST, UA),
Reverse DNS: vs664.mirohost.net
Software: nginx /
Resource Hash: a5f15a045d8aa4e016843d37e3ce72220e3f3f293d5f4fc4163938a41b2cbb2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/templates/Freestyle/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 02 Mar 2022 07:40:10 GMT
server: nginx
etag: "621f1f5a-b85"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 2949
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-123084842-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Mar 2023 07:19:39 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5024
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 10 Mar 2023 09:19:39 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 360 KB
119 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3687089522093229&plah=showdream.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff5b0b23671a6e64095fcb3f0ddf56a672af3cd2c8fc51a01a73e3d567c61ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121459
x-xss-protection: 0
server: cafe
etag: 1481874106378558089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 08:43:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/ Frame 1379 10 KB
5 KB 31ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://showdream.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 22:46:46 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 22:46:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fp.min.js Show response
fixidle.com/js/ 16 KB
6 KB 123ms
12ms Script
application/javascript 159.69.174.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/js/fp.min.js
Requested by: Host: ua.redtram.com
URL: https://ua.redtram.com/j/41262/?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.229 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 53afed2c670325e37bded1469dd92bfa27b25c647f880d3f9a4a821bbff2c62b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: application/javascript

GET
H2 200 branding.min.js Show response
a4p.adpartner.pro/apstc/ 13 KB
3 KB 26ms
26ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.439
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=3671&0.8268388769920201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
cache-control: no-store no-transform
content-encoding: br
last-modified: Tue, 14 Feb 2023 09:38:34 GMT
server: nginx
etag: W/"63eb569a-35bf"
content-type: application/javascript

GET
H2 204 tt
a4p.adpartner.pro/ Frame 25DD 0
0 136ms
135ms Document
text/plain 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=df9ce17d-0ef9-4743-b295-98fcedd2b13e&site_visited=1&location=https%3A%2F%2Fshowdream.org%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=3671&0.8268388769920201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://showdream.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store no-transform
date: Fri, 10 Mar 2023 08:43:23 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/branding/ Frame FF77 5 KB
2 KB 27ms
26ms Document
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding/ls?branding=3671&bannerNum=65223319401039336&apuid=cfd692e1-a233-4a5e-a6dc-f369289e7eed&session_pageview=1&session_id=df9ce17d-0ef9-4743-b295-98fcedd2b13e&site_visited=1&location=https%3A%2F%2Fshowdream.org%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=3671&0.8268388769920201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 8048de511d7e44a2720e70ccdc950c86eeec12a7115befbbda4c763d1f103d1b

Request headers

Referer: https://showdream.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 10 Mar 2023 08:43:23 GMT
server: nginx

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame D9EA 34 B
237 B 14ms
13ms Script
text/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 039c6e503ff45554769eacdfb99f38bcddfcec2f54edf55374cacc7944ed4289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
hn: b15
cache-control: private, max-age=315360000
expires: Mon, 07 Mar 2033 10:43:23 +0200

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 42ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=showdream.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 37ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=showdream.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 101 KB
29 KB 346ms
345ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2555783015235800&correlator=1661232925240563&eid=31072019%2C31072854%2C31072878%2C31072887%2C31072916&output=ldjh&gdfp_req=1&vrg=2023030601&ptt=17&impl=fifs&iu_parts=43356090%2CShowdream.org_240x400&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&ifi=3&adks=1840953263&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1678437803647&lmt=1678437803&dlt=1678437803159&idt=452&adxs=1110&adys=185&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fshowdream.org%2F&frm=20&vis=1&psz=280x410&msz=240x-1&fws=0&ohw=0&ga_vid=1981130495.1678437804&ga_sid=1678437804&ga_hid=2100610580&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7660cb0be97963f7f07af568e1f8cfd6e1d5face6fcc075779785a19f12b379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29102
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://showdream.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2416 6 KB
3 KB 85ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://showdream.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 08:43:23 GMT
expires: Sat, 09 Mar 2024 08:43:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 15ms
15ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2100610580&t=pageview&_s=1&dl=https%3A%2F%2Fshowdream.org%2F&ul=en-us&de=UTF-8&dt=%D0%97%D0%B2%D0%B5%D0%B7%D0%B4%D1%8B%2C%20%D1%81%D1%82%D0%B8%D0%BB%D1%8C%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1974319020&gjid=1807498113&cid=1981130495.1678437804&tid=UA-123084842-1&_gid=1516006168.1678437804&_r=1&gtm=457e3360&z=49432475

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://showdream.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://showdream.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame FF77 49 KB
20 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=3671&bannerNum=65223319401039336&apuid=cfd692e1-a233-4a5e-a6dc-f369289e7eed&session_pageview=1&session_id=df9ce17d-0ef9-4743-b295-98fcedd2b13e&site_visited=1&location=https%3A%2F%2Fshowdream.org%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Mar 2023 07:19:39 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5024
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 10 Mar 2023 09:19:39 GMT

POST
H2 410 branding Show response
a4p.adpartner.pro/ Frame FF77 19 B
120 B 27ms
27ms XHR
text/plain 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://a4p.adpartner.pro/branding?id=3671&session_id=df9ce17d-0ef9-4743-b295-98fcedd2b13e&session_pageview=1&site_visited=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.83.220.94 , France, ASN16276 (OVH, FR),

Reverse DNS

app-ngx-pl-03.adpartner.pro

Software

nginx /

Resource Hash

c6976f4c1b7a4098a795f0a9eb2087aa2f658748131b6bc8c29465cdcd7c02c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://a4p.adpartner.pro/branding/ls?branding=3671&bannerNum=65223319401039336&apuid=cfd692e1-a233-4a5e-a6dc-f369289e7eed&session_pageview=1&session_id=df9ce17d-0ef9-4743-b295-98fcedd2b13e&site_visited=1&location=https%3A%2F%2Fshowdream.org%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: text/plain

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
x-content-type-options: nosniff
server: nginx
content-length: 19
content-type: text/plain; charset=utf-8

GET
H2 200 iframe.htm Show response
go.rcvlink.com/static/ Frame 71DE 19 KB
9 KB 12ms
10ms Document
text/html 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/static/iframe.htm
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 414d5b10339a2111db5766b8bc03b2f9b2c41499e9d44116c58855de517bbedc

Request headers

Referer: https://showdream.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Fri, 10 Mar 2023 08:43:23 GMT
etag: W/"640449a8-4cf9"
expires: Sat, 11 Mar 2023 08:43:23 GMT
last-modified: Sun, 05 Mar 2023 07:50:00 GMT
server: nginx

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 63ms
21ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-123084842-1&cid=1981130495.1678437804&jid=1974319020&gjid=1807498113&_gid=1516006168.1678437804&_u=YAhAAUAAAAAAACAAI~&z=939446867

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://showdream.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 10 Mar 2023 08:43:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://showdream.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collector.js Show response
fixidle.com/js/ 9 KB
2 KB 11ms
11ms Script
application/javascript 159.69.174.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/js/collector.js?rtuid=8e18d3057377ef84848ffb0b0c4e727c&code=news&v=1678437803790
Requested by: Host: ua.redtram.com
URL: https://ua.redtram.com/j/41262/?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.229 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e1e8d696ba74e8a23805b14729660fd985964adeb213071216b2d467ce572f4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: application/javascript

GET
H2 200 13393.gif
ua.redtram.com/px/ 43 B
287 B 11ms
11ms Image
image/gif 159.69.174.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ua.redtram.com/px/13393.gif?referrer=https%3A%2F%2Fshowdream.org%2F&ref2=&rtuid=8e18d3057377ef84848ffb0b0c4e727c&v=1678437803791

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.69.174.226 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.226.174.69.159.clients.your-server.de

Software

nginx/1.18.0 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 25 Apr 1986 22:23:46 GMT

GET
H2 200 logo_text.svg
img.redtram.com/redtram/ 4 KB
4 KB 22ms
11ms Image
image/svg+xml 159.69.174.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.redtram.com/redtram/logo_text.svg
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.226 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.226.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 9ce61b5124c26ecd33fa1bb71f1b506610e41fbcd9f15b321af4706c6ddd42ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 16 Dec 2020 10:35:46 GMT
server: nginx/1.18.0
etag: "5fd9e302-e36"
content-type: image/svg+xml
cache-control: max-age=2592000, private
accept-ranges: bytes
content-length: 3638
expires: Sun, 09 Apr 2023 08:43:23 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
605 B 62ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=showdream.org&callback=_gfp_s_&client=ca-pub-3687089522093229

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3687089522093229&plah=showdream.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ed03676a878f0c034d9b46100a90515d810805f3d31d6aee4be53f2c138dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 19ms
17ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=showdream.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 19ms
18ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=showdream.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 960D 0
179 B 75ms
74ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3687089522093229&output=html&adk=1812271804&adf=1573534164&lmt=1678437803&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fshowdream.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678437803531&bpp=5&bdt=372&idt=271&shv=r20230308&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7261039949032&frm=20&pv=2&ga_vid=1981130495.1678437804&ga_sid=1678437804&ga_hid=2100610580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777876%2C44759927%2C44759876%2C31071870%2C31071260&oid=2&pvsid=2555783015235800&tmod=1394523612&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=297

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://showdream.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 08:43:23 GMT
expires: Fri, 10 Mar 2023 08:43:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DD5B 436 B
236 B 257ms
257ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3687089522093229&output=html&h=400&slotname=7158806150&adk=383544240&adf=2894711699&pi=t.ma~as.7158806150&w=240&lmt=1678437803&format=240x400&url=https%3A%2F%2Fshowdream.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678437803536&bpp=1&bdt=377&idt=304&shv=r20230308&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7261039949032&frm=20&pv=1&ga_vid=1981130495.1678437804&ga_sid=1678437804&ga_hid=2100610580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777876%2C44759927%2C44759876%2C31071870%2C31071260&oid=2&pvsid=2555783015235800&tmod=1394523612&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=n1K4LlkRHZ&p=https%3A//showdream.org&dtd=313

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fe137a0992a92cb261288b418e788cb7392fe99201becc9888c4c3f84d0628e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://showdream.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 08:43:24 GMT
expires: Fri, 10 Mar 2023 08:43:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ua.redtram.com/i/ 8 KB
3 KB 23ms
22ms Script
application/x-javascript 159.69.174.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.redtram.com/i/?i=41262&ver=2&srv=76&f=3&idn=oadt&ref2=&rtuid=8e18d3057377ef84848ffb0b0c4e727c&wl=https%3A%2F%2Fshowdream.org%2F

Requested by

Host: ua.redtram.com
URL: https://ua.redtram.com/j/41262/?v=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.69.174.226 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.226.174.69.159.clients.your-server.de

Software

nginx/1.18.0 /

Resource Hash

33dd1289403dce2e4641af5a0a1fcf04e818c18c3823b828578bb92595c08b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx/1.18.0
content-type: application/x-javascript; charset=UTF-8
x-upstream: 10.1.4.74:7403
cache-control: no-cache, must-revalidate
expires: Mon, 25 Apr 1986 22:23:46 GMT

POST
H2 200 / Show response
fixidle.com/ 61 B
153 B 86ms
57ms XHR
application/json 159.69.174.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/?v=16784378038690.35774386140310654
Requested by: Host: fixidle.com
URL: https://fixidle.com/js/collector.js?rtuid=8e18d3057377ef84848ffb0b0c4e727c&code=news&v=1678437803790
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.229 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e35b5a38bfe4ad943e0b2930cbbe02bf8666f31637d90b4fe2f13783833bf347

Request headers

Referer: https://showdream.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 10 Mar 2023 08:43:23 GMT
server: nginx/1.18.0
content-type: application/json;

GET
H2 200 / Show response
go.rcvlink.com/bdto/bkPb3qv5mL/ Frame 71DE 4 KB
2 KB 17ms
17ms XHR
application/json 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/bdto/bkPb3qv5mL/?cache=tp_Z49LYvmb-2hA&ver=230305-0950&w=280&h=0&vw=1600&ms=567.14&me=0&ref=https%3A%2F%2Fshowdream.org%2F
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8d6156ec79c43f29ecf544bf9eb4ef9f80e956c754ec7ff4cb6bb8f257e5275e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/static/iframe.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:23 GMT
content-encoding: gzip
last-modified: Fri, 10 Mar 2023 08:43:23 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
content-type: application/json
hn: b19
cache-control: no-cache, no-store, no-transform, must-revalidate
access-control-allow-origin: *
expires: Fri, 10 Mar 2023 10:43:23 +0200

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4fa0a4b4b34a13abefc36d1dc8305ceb
st11.rcvlink.com/2/304/ Frame 71DE 16 KB
16 KB 17ms
10ms Image
image/webp 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/4fa0a4b4b34a13abefc36d1dc8305ceb
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 66af5d85560f25b8857229580d11c023509c32793df28162eca34790f007ea48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Fri, 03 Jun 2022 09:50:28 GMT
server: nginx
etag: "6299d964-1bf89"
content-type: image/webp
access-control-allow-origin: *, *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 16508
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 23ab73b5404b62449e662fa5be6d9182
st11.rcvlink.com/2/304/ Frame 71DE 10 KB
10 KB 22ms
15ms Image
image/webp 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/23ab73b5404b62449e662fa5be6d9182
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 571861bffcbb11702a9a254709f0adb704c56b645d070d20760a62e2173dd678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Wed, 10 Aug 2022 11:20:01 GMT
server: nginx
etag: "62f39461-11e0d"
content-type: image/webp
access-control-allow-origin: *, *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 9834
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 e8973919ddece9d7f0496f80e91a5f54
st11.rcvlink.com/2/304/ Frame 71DE 16 KB
16 KB 27ms
21ms Image
image/webp 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/e8973919ddece9d7f0496f80e91a5f54
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 182dbc6c626c936352a67024be598d5d4811fa763bcec32045a9dfc030d6b627

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Thu, 05 Jan 2023 09:10:52 GMT
server: nginx
etag: "63b6941c-2abe2"
content-type: image/webp
access-control-allow-origin: *, *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 16346
expires: Thu, 08 Jun 2023 08:43:23 GMT

GET
H2 200 logo160.png
go.rcvlink.com/img/ Frame 71DE 6 KB
6 KB 10ms
10ms Image
image/png 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/img/logo160.png
Requested by: Host: showdream.org
URL: https://showdream.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/static/iframe.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:23 GMT
last-modified: Mon, 21 Jan 2019 15:07:51 GMT
server: nginx
etag: "5c45e047-1869"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6249
expires: Fri, 17 Mar 2023 08:43:23 GMT

GET
H2 200 613396153.jpg
ua.redtram.com/img300/ 7 KB
8 KB 12ms
11ms Image
image/jpeg 159.69.174.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ua.redtram.com/img300/613396153.jpg?v=0

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.69.174.226 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.226.174.69.159.clients.your-server.de

Software

nginx/1.18.0 /

Resource Hash

9a2bc5f13aa1bf843fb18398d67e0d1347468d0b7073a2e2201083e7d9fc7b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-server-rt: img03
date: Fri, 10 Mar 2023 08:43:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Sat, 25 Feb 2023 15:27:03 GMT
server: nginx/1.18.0
etag: "63fa28c7-1d49"
x-cache-status: HIT
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, private
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 7497
expires: Fri, 17 Mar 2023 08:43:23 GMT

GET
H2 200 613486658.jpg
ua.redtram.com/img300/ 10 KB
11 KB 22ms
21ms Image
image/jpeg 159.69.174.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ua.redtram.com/img300/613486658.jpg?v=0

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.69.174.226 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.226.174.69.159.clients.your-server.de

Software

nginx/1.18.0 /

Resource Hash

6f6d67ba0e38ce82d634e5088f351d1cee69a655bcbf55294a3e540db4f0aab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-server-rt: img03
date: Fri, 10 Mar 2023 08:43:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 10 Mar 2023 08:39:01 GMT
server: nginx/1.18.0
etag: "640aeca5-2915"
x-cache-status: HIT
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, private
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10517
expires: Fri, 17 Mar 2023 08:43:23 GMT

GET
H2 200 613440320.jpg
ua.redtram.com/img300/ 16 KB
16 KB 22ms
22ms Image
image/jpeg 159.69.174.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ua.redtram.com/img300/613440320.jpg?v=1677851805

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.69.174.226 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.226.174.69.159.clients.your-server.de

Software

nginx/1.18.0 /

Resource Hash

089b822bd2dfdb4a9cf6dd25f8bdaab372a984d1ac0b84b692496a907edf8822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-server-rt: img03
date: Fri, 10 Mar 2023 08:43:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 03 Mar 2023 13:56:45 GMT
server: nginx/1.18.0
etag: "6401fc9d-3f2b"
x-cache-status: HIT
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, private
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 16171
expires: Fri, 17 Mar 2023 08:43:23 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 45ms
15ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 08:43:24 GMT

GET
H2 200 container.html Show response
b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DD12 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://showdream.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 08:43:23 GMT
expires: Sat, 09 Mar 2024 08:43:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 89d7ca8249da9b1fce758df22cf4efd3.js Show response
www.gstatic.com/mysidia/ Frame DD12 10 KB
5 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/89d7ca8249da9b1fce758df22cf4efd3.js?tag=client_fast_engine_2019

Requested by

Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 08:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4405
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 08:28:18 GMT

GET
H2 200 d75240fb8529c2aa117b8bfc086252e7.js Show response
www.gstatic.com/mysidia/ Frame DD12 135 KB
50 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d75240fb8529c2aa117b8bfc086252e7.js?tag=video_mra/web_raspberry_ms

Requested by

Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af03659637be1c1928195d6e5a784317d067b5f107e61fbc56ecfa55e8e15b4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 09:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51218
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 09:44:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DD12 8 KB
991 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 08:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 08:00:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 08:43:24 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ Frame DD12 110 KB
32 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35f40a61c72095405fd83a90437875d48eb5d4148622d95064157adf8021068a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 10 Mar 2023 08:43:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32018
x-xss-protection: 0
server: sffe
etag: "bea55ffaa7714b6a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 10 Mar 2023 08:43:24 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame DD12 2 KB
818 B 16ms
10ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54070
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame DD12 22 KB
9 KB 46ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:39:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame DD12 3 KB
1 KB 17ms
11ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54070
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame DD12 20 KB
8 KB 47ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54070
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 17:42:14 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame DD12 34 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 08:24:18 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DB6C 15 KB
6 KB 55ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=showdream.org

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://showdream.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 08:43:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 642092
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame DD12 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 23:04:50 GMT
x-content-type-options: nosniff
server: cafe
age: 34714
etag: 9923804599063086578
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2033
x-xss-protection: 0
expires: Fri, 10 Mar 2023 23:04:50 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7956181494932112989/ Frame DD12 4 KB
4 KB 18ms
14ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7956181494932112989/14763004658117789537?w=100&h=100

Requested by

Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f19d54f4ddc466c0a39b4ec70c7bb7b591ad8a549851bee87dc8ffc64f76a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:38:36 GMT
x-content-type-options: nosniff
age: 115488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4240
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 16:55:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Mar 2024 00:38:36 GMT

GET
DATA 200
OK truncated
/ Frame DD12 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame DD12 0
234 B 993ms
346ms Ping
image/gif 2404:6800:4003:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lf2aj68b&c=1652241065637&slotId=826120532818.5&qqid=CMqyxIj80P0CFTqCgwcdn3QOIw&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d75240fb8529c2aa117b8bfc086252e7.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::78 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11141351386691813044/ Frame DD12 42 KB
42 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11141351386691813044/14763004658117789537

Requested by

Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b96819b76509f1e513fab5441f9f4cb2246a57e4fe8cb22ec23b81b8876fd160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 10:35:13 GMT
x-content-type-options: nosniff
age: 511691
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43020
x-xss-protection: 0
last-modified: Sun, 19 Feb 2023 12:57:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Mar 2024 10:35:13 GMT

GET
H3

206

videoplayback
r1---sn-4g5e6nzs.gvt1.com/ Frame DD12
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=0dc4516a74485ee0&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1678445003&sparams=ip,ipbits,expire,id,...
https://r1---sn-4g5e6nzs.gvt1.com/videoplayback?id=0dc4516a74485ee0&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1678445003&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

670 KB
670 KB

17ms
6ms

Media
video/mp4

2a00:1450:4001:4c::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5e6nzs.gvt1.com/videoplayback?id=0dc4516a74485ee0&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1678445003&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=43882EAE9B263AA65B127FDAC081EDABA6BB421A.0EF27ED4F21B16F82B8B2F10606B3ACF8ADC94C9&key=cms1&cms_redirect=yes&mh=i9&mip=2001:ac8:20:3c00:1012:eae6:3ba1:f962&mm=28&mn=sn-4g5e6nzs&ms=nvh&mt=1678437622&mv=m&mvi=1&pl=50

Requested by

Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:4c::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4df9b0e2f1e8c4502487f6f3b2facd080c293e58bff38298b3bd6efae7c8f15d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 10 Mar 2023 08:43:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Feb 2023 19:40:12 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-685816/685817
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 685817
expires: Fri, 10 Mar 2023 08:43:24 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:24 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5e6nzs.gvt1.com/videoplayback?id=0dc4516a74485ee0&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1678445003&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=43882EAE9B263AA65B127FDAC081EDABA6BB421A.0EF27ED4F21B16F82B8B2F10606B3ACF8ADC94C9&key=cms1&cms_redirect=yes&mh=i9&mip=2001:ac8:20:3c00:1012:eae6:3ba1:f962&mm=28&mn=sn-4g5e6nzs&ms=nvh&mt=1678437622&mv=m&mvi=1&pl=50
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 723
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DD12 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClEoVq-0KZIqxKrqEjuwPn-m5mAL2-vGzb9m00NapEcCNtwEQASDizvAoYJXikIKgB6AB-bGvoinIAQngAgCoAwHIAwqqBOABT9CR8LmOnJbG78FPb3tpgcgXnbEIKBBx-gYewzj51J9er7jeyzpp-IIq_3wu_Qpa3eyQtkHzmMwJS_blPhEspLwU_QQIZe_4it9UU-JRXHn4ybg7yexuKZ9XNUijL6UzzPAPrdyot4Eevxna68T9udi7d7Jo2wH_po8P0Nfl3GaCxk6V2LZbYUncVcDNqFX6S7GZFEK9EQz4MsL6MGh8YczIJqPhFo864CzwfpVwhOawimrvCFuZjCyw_KsY1pFUO_auhgjSJD2z3YicXxPhlqGcHbSeyXNWplh2yUQButPABOyM5eKmBOAEAZIFBAgEGAGSBQQIBRgEoAYugAf56f-BBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEPAu0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwG4E5wb2BMM0BUBgBcBshceChwIABIUcHViLTU0NDcwNzExMDEzNjI2MjMYwpoi&sigh=owJWavsL2IM&uach_m=[UACH]&cid=CAQSTADUE5ymxCn5LA1jVZfY7tfRzH98vNJBedY3vgpX0_NLbGYcC_sJn8xgzGdtC65meIW3ozvpsOlVvDDV__38sMKXXF9Gw0Js3WCWe4cYAQ&template_id=3484
Requested by: Host: b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
URL: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame DD12 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e32c53ae612d3f91643f58428a075fc2e8c1fdbea6272cee33a85ffb00759c5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame DB6C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=showdream.org&sn=ChromeSyncframe&so=0&topUrl=showdream.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=o5BLG3w4c3RCcWY0VEt6a3QxTTAzMjZsMVBVdytNTTFYT2ROU0xUWkhoNEY0QWZzN21EZ2w2YmJ6NXFPbW1GNGtxL1hUTVNSZHgxbjFWdkZwanFMalc2RVZuVk8yZktld0I2WnljM0QrZFR5alpVdGxpY0pvdVd1VzJadk...

436 B
654 B

528ms
136ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=o5BLG3w4c3RCcWY0VEt6a3QxTTAzMjZsMVBVdytNTTFYT2ROU0xUWkhoNEY0QWZzN21EZ2w2YmJ6NXFPbW1GNGtxL1hUTVNSZHgxbjFWdkZwanFMalc2RVZuVk8yZktld0I2WnljM0QrZFR5alpVdGxpY0pvdVd1VzJadkZnOVljUHRTTjBGV3NoRkhmZFFOelVFb0VWT3pyYzVJRlJwaVRHVWFNKzRnUzVpdmhxUnZzMzF6U0J4ZFAwME5LWlp4Ny9ydXNMd0hmZ3NpME9sSWNQclp3bldob1NpY29SWkg1ZENhM2ZjT2hmVUNnbmtaZ2p4UzhnU3RVVk5tM0htQ1B0Nnh2UExDNFptQlNKTGd6MmZNNkFxaU51cFJJNzd3ZUU3cXIyUHN4RVA2TWJncz18&cppv=2

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

10e1a52a3ce8719eba4e61398b8b27049e4a2dd3984fc92dee4346f308ea743e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:23 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1685508
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=o5BLG3w4c3RCcWY0VEt6a3QxTTAzMjZsMVBVdytNTTFYT2ROU0xUWkhoNEY0QWZzN21EZ2w2YmJ6NXFPbW1GNGtxL1hUTVNSZHgxbjFWdkZwanFMalc2RVZuVk8yZktld0I2WnljM0QrZFR5alpVdGxpY0pvdVd1VzJadkZnOVljUHRTTjBGV3NoRkhmZFFOelVFb0VWT3pyYzVJRlJwaVRHVWFNKzRnUzVpdmhxUnZzMzF6U0J4ZFAwME5LWlp4Ny9ydXNMd0hmZ3NpME9sSWNQclp3bldob1NpY29SWkg1ZENhM2ZjT2hmVUNnbmtaZ2p4UzhnU3RVVk5tM0htQ1B0Nnh2UExDNFptQlNKTGd6MmZNNkFxaU51cFJJNzd3ZUU3cXIyUHN4RVA2TWJncz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 732753
content-length: 0
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=383544240&adf=2894711699&fmt=240x400&str=false&ad_y=1040&vph=1200&r_nh=0&r_ifr=true&qid=CM3Az4j80P0CFV6CUAYdACcPqg&w=240&h=400&err=1&url=https%3A%2F%2Fshowdream.org%2F&eid=44759837%2C44777876%2C44759927%2C44759876%2C31071870%2C31071260

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame DD12 28 KB
28 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:05:31 GMT
x-content-type-options: nosniff
age: 142673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 17:05:31 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DD12 0
54 B 937ms
353ms Ping
image/gif 2404:6800:4003:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lf2aj68o&c=1652241065637&slotId=826120532818.5&qqid=CMqyxIj80P0CFTqCgwcdn3QOIw&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F89d7ca8249da9b1fce758df22cf4efd3.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d75240fb8529c2aa117b8bfc086252e7.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::78 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DD12 0
54 B 933ms
350ms Ping
image/gif 2404:6800:4003:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lf2aj6af&c=1652241065637&slotId=826120532818.5&qqid=CMqyxIj80P0CFTqCgwcdn3QOIw&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fd75240fb8529c2aa117b8bfc086252e7.js%253Ftag%253Dvideo_mra%252Fweb_raspberry_ms&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d75240fb8529c2aa117b8bfc086252e7.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::78 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DD12 0
54 B 932ms
350ms Ping
image/gif 2404:6800:4003:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lf2aj6ag&c=1652241065637&slotId=826120532818.5&qqid=CMqyxIj80P0CFTqCgwcdn3QOIw&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F887cfa9374a0c130d54aa7fe143e0312.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d75240fb8529c2aa117b8bfc086252e7.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::78 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DD12 42 B
64 B 44ms
43ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_QtMq-0KZIqxKrqEjuwPn-m5mAL2-vGzb9m00NapEcCNtwEQASDizvAoYJXikIKgB6AB-bGvoinIAQngAgCoAwHIAwqqBOMBT9CR8LmOnJbG78FPb3tpgcgXnbEIKBBx-gYewzj51J9er7jeyzpp-IIq_3wu_Qpa3eyQtkHzmMwJS_blPhEspLwU_QQIZe_4it9UU-JRXHn4ybg7yexuKZ9XNUijL6UzzPAPrdyot4Eevxna68T9udi7d7Jo2wH_po8P0Nfl3GaCxk6V2LZbYUncVcDNqFX6S7GZFEK9EQz4MsL6MGh8YczIJqPhFo864CzwfpVwhOawimrvCFuZjCywvqk5RETupZYVGHBBxTggFNy9VY3quLlLgDL-cs_hjHRuBvP4v0BiTbDABOyM5eKmBOAEAaAGLoAH-en_gQSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECxCZ32YQLQKSQIgAoDmAsByAsBgAwBuAwBuBOcG9gTDNAVAfgWAYAXAQ&sigh=glHJBaqPZv4&cid=CAQSTADUE5ymxCn5LA1jVZfY7tfRzH98vNJBedY3vgpX0_NLbGYcC_sJn8xgzGdtC65meIW3ozvpsOlVvDDV__38sMKXXF9Gw0Js3WCWe4c&label=adresume

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DD12 42 B
64 B 45ms
44ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: showdream.org
URL: https://showdream.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DD12 0
54 B 354ms
353ms Ping
image/gif 2404:6800:4003:c03::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lf2aj6ag&c=1652241065637&slotId=826120532818.5&qqid=CMqyxIj80P0CFTqCgwcdn3QOIw&dm=15000&event_name=first_play&asset_bytes=104513&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=12&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.lf2aj6ii
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d75240fb8529c2aa117b8bfc086252e7.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::78 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 zr_iMhVdLHjYuy5c8rcJfRKVcH4JJkNsjo0mD0wJqM3qBgGSRYKIGMvvSuM3q35ckA6QOZ_e4HrnywqOl1OdE1z_7CD7EhPfxkwF0qIBUFe16uu2Pz68jcuMVnSzKZVEIVpCuE_r58cuC5DRjMbIZuVrSMho7kqQpihuz3_mhrXJjEzG6bWry6KPntR-RVb6q61vB... Show response
aj1616.online/ 603 B
1 KB 97ms
97ms XHR
application/json 212.124.125.229
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1616.online/zr_iMhVdLHjYuy5c8rcJfRKVcH4JJkNsjo0mD0wJqM3qBgGSRYKIGMvvSuM3q35ckA6QOZ_e4HrnywqOl1OdE1z_7CD7EhPfxkwF0qIBUFe16uu2Pz68jcuMVnSzKZVEIVpCuE_r58cuC5DRjMbIZuVrSMho7kqQpihuz3_mhrXJjEzG6bWry6KPntR-RVb6q61vBJc3PzVvZhVXQQoNY7AilvCX9_gDwJrTCoW5qVdUZ4ngkExCsb9ABL8WRdTMKmu-SylXk_1IxM0VJ_GUvis0F3zEEAPx0PY8RmfhFLSVJPhgM9urJBCGsXYOLymVAoO91HYvDPBR60MtptqjAzsLmASZCtKGInR93ia9cGQGefwgqYO3ZWlvA0AuMyMBtt2npABQOSgC6PwV4Hi0ZxF5PLbmEYmg6EGMOpraa_5NH8jjhG-IHYJQ?
Requested by: Host: aj1616.online
URL: https://aj1616.online/8eb939b7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.125.229 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software: /
Resource Hash: ea9f0a8726905c0e751230627a551a9fe10b9f54f6f7e3f65d4386c1ae954e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:25 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://showdream.org
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 603
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 69ms
55ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af8acbc2767c737f4d6bbbc867129ea266a2c45204868c6317a3a8e2936092a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11323
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 158ms
157ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Mar 2023 08:43:26 GMT

GET
H/1.1 200 zSbPPDfZlgKVClm_PAWNiI-fbTZ9L018IThWzvwPGEf5la82QmxBcfoNUopmKGXPAqtbsu65gY3Tn1lCxZfAoWx713a4ZAU3zGxDuftdAQ0mxpCcpSC-NvDDGrcBDTKHP_Od_VaWp5A3a6x6Jnt3pT0nlx2vWJkleyku2Gxz75JFj3bbqU0h6LJlbo2uusDhooLU_...
aj1616.online/ 49 B
512 B 94ms
94ms Image
image/gif 212.124.125.229
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1616.online/zSbPPDfZlgKVClm_PAWNiI-fbTZ9L018IThWzvwPGEf5la82QmxBcfoNUopmKGXPAqtbsu65gY3Tn1lCxZfAoWx713a4ZAU3zGxDuftdAQ0mxpCcpSC-NvDDGrcBDTKHP_Od_VaWp5A3a6x6Jnt3pT0nlx2vWJkleyku2Gxz75JFj3bbqU0h6LJlbo2uusDhooLU_S2CwNfZ0hKmuc9_NTPpeMjiZ2qJPHMi8qrSiPkfN2vRAbaI4ThMwWDlhAb-tG4xMYpjosYFy78XCLZz125y-y0qEM9AL-1RCzsV-ASNTY1U3FoZQrZbDUw5uNY8HeCiFUZ7PeoZiwXEjDNw_yxm0R4dTj4taB--Szqx63-zbsmbjAbpjPaoy19Q5ZdyrrgU?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.125.229 Reston, United States, ASN47328 (TRI-AS True Records Inc., VG),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:25 GMT
last-modified: Thu, 26 Jan 2023 10:09:08 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1674727748000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B14D 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://showdream.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 08:27:46 GMT
expires: Sat, 09 Mar 2024 08:27:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1877 783 B
1 KB 48ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6ffa9c2ca53f2b49f3bb7198622eed85d8927be1e109b5c38c29af0cd3b6db87

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r3M9lJ4XYRsNED3gdWgIZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://showdream.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-r3M9lJ4XYRsNED3gdWgIZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 08:43:26 GMT
expires: Fri, 10 Mar 2023 08:43:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js Show response
pagead2.googlesyndication.com/bg/ Frame B14D 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2816980afc376b618fe8c176a242883e90199278e6bbbbe1c7c932f5ad50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14129
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Mar 2024 08:27:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1877 0
0 39ms
39ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030601&jk=2555783015235800&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B14D 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?P9HzSw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:43:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030601&jk=2555783015235800&bg=!o6CloPTNAAZKh9k7aoc7ADkAdvg8WmhatXSYOpRTE4jFD7O3UBGNM1Jc63GMZMP8xOgiEMnQ0BMML7vnVp8s-o7RBJQBAnqd8S4CAAAAZFIAAAADaAEHmQLc4OLp1whv-FzDEK5oyozF44gn0Bm15bf19b9eP3Sf2GdxF7v7APvC2DPXS6QLcxmXA4b9snrSnMAiUbRkTVBKe_K1FENCzRx7r7g9THD5Q18xGOToHSMuxAO0rfFBLwUIR6i84bUXlRiHDIZZLS-MHimS3wkjIdBL3tNf_CEkJ9Wlv_J3NB6rFUrdxIg_sH_gFnYxSMAi1lnN8hzDokwRg2edJWMRP9xAGlg6ipM0tWXrZCEo3xtZaGgVgeLs4DVBWxhnNvYFY-mJ9v56YKhKnM_yFVfgp1XuMpnjdrITGwocKxQ4awcPiJvIrkNiXK3rD9pJVr6PfzkTvI2CJUonqHgb6nvrGAY98wxWOIE_QyLWHYnGMQ6x0BYcvYFd-ioqldyy8kQGelW4I8ysNgm43_l2MqzmRsYyTX1CAAJOhPMfbK9oSZZo4ZHdVsXCcdcnblcN-M0cyanhnevZklfjZ1PaKNnZ5wcn1iTj5zySDg64cDqOkTZKp8Bbhpz_sMKxoNqTY-kIEYaFK6EA6yYyb_3bSbDW43Haa_PBnE445fn3OpnzVs28Hg_yyxNCwaGA6W-6lf0i1DzFwAowMud0QepPreFDJsGaf-ZfNPG0uqY2l6gp9bHz7iCWp6s6z1WbyXFC5HBbk-v_TCSiM9-muZzrKvmMxpcKcatGvvkCx7k7zmAWteK4qAa7lXpU87WQSc0FtjqbxkZhCuMB2BeL8m5TFcW9XtMZYos_uZKllRjVLKJlSF0Mrh7L02PnZfILqgiWnEcsY_Q5FT79UPmkczUrdR2Dq1lqQnU8McjNupzYeG22uNLZwJJb0oBG2uJLrHUJVzwu0EKljBj4q_g7m5-eZzNW9VNIKEufCjoPsioBEsojWQ1tttzX8rSJ2eUkMACP40fYW0DPgDykpyUTABvZP1cpKtuwU4pscatE1LFkw7K1jU8NmyDMlzMTOzpuT1SXC7fwuDJ2TxsG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://showdream.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DD12 42 B
64 B 45ms
44ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 08:43:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=PT+Sans&subset=cyrillic

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:600,400&subset=cyrillic-ext

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
showdream.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: f13605b992491421fcd778fc84db2b8b
showdream.org/	1970-01-20 10:13:59	Name: session_id Value: df9ce17d-0ef9-4743-b295-98fcedd2b13e
showdream.org/	1970-01-20 10:13:59	Name: session_pageview Value: 1678437804.1
showdream.org/	1970-01-20 10:57:09	Name: site_visited Value: 1678524204.1
showdream.org/	1970-01-20 19:49:57	Name: lapuid Value: cfd692e1-a233-4a5e-a6dc-f369289e7eed
.showdream.org/	1970-01-20 19:49:57	Name: _ga Value: GA1.2.1981130495.1678437804
.showdream.org/	1970-01-20 10:15:24	Name: _gid Value: GA1.2.1516006168.1678437804
.showdream.org/	1970-01-20 10:13:57	Name: _gat_gtag_UA_123084842_1 Value: 1
a4p.adpartner.pro/	1970-01-20 19:49:57	Name: apuid Value: cfd692e1-a233-4a5e-a6dc-f369289e7eed
a4p.adpartner.pro/	1970-01-20 19:49:57	Name: apudmg Value: 1
.ua.redtram.com/	1970-01-20 10:14:19	Name: rt_page Value: 4
.go.rcvlink.com/	1970-01-20 19:49:57	Name: cache Value: tp_Z49LYvmb-2hA
.showdream.org/	1970-01-20 19:35:33	Name: __gads Value: ID=ade34e3a8dabea8b:T=1678437803:S=ALNI_Ma8rw3luhsoShRNRzsn3ItxdiIoYw
.showdream.org/	1970-01-20 19:35:33	Name: __gpi Value: UID=00000bc2d2943b79:T=1678437803:RT=1678437803:S=ALNI_MZo0qNGE0P2oi03n62qx7HoJ9vX3A
.criteo.com/	1970-01-20 19:35:33	Name: uid Value: fe9e783f-7e0e-4c07-9e5f-0f8327de5516
.doubleclick.net/	1970-01-20 19:35:33	Name: IDE Value: AHWqTUkvvJlP-hpHFkpwwtPc_ThxYoQSOuQrYLe4nGW_pITpd-4KnMKGoABpoqv-gCs
.showdream.org/	1970-01-20 19:35:33	Name: cto_bundle Value: 695EEV8wWEIlMkJaMkpkeWklMkZDQUN0OXpsdmdoclU0dWlNdFBlNGhUZ2hiN2p4SFI2S2ZuUElsTno1JTJCSVd0RHJxWTVrdzBsbmtaQUJMSlFvTnhRZFp3Y0N2bHBMUThVa0ZjdVV1JTJGZ21pblVPUWMzaUFrcCUyRldFSWdId0JtVlo2VGNRU0tsUXJFSHklMkZoNXRidmlHUzF2dVpSZnU4bEElM0QlM0Q
.aj1616.online/	1970-01-20 19:49:57	Name: UUID Value: 5a7b783d-c97d-5037-bf78-3b09128675aa

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://showdream.org/(Line 19) Message: Mixed Content: The page at 'https://showdream.org/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=PT+Sans&subset=cyrillic'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://showdream.org/(Line 20) Message: Mixed Content: The page at 'https://showdream.org/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans:600,400&subset=cyrillic-ext'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://a4p.adpartner.pro/jsunit?id=2422&ref=&0.9466019472920904 Message: Failed to load resource: the server responded with a status of 410 ()
network	error	URL: https://showdream.org/templates/Freestyle/images/play_icon_small.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://a4p.adpartner.pro/branding?id=3671&session_id=df9ce17d-0ef9-4743-b295-98fcedd2b13e&session_pageview=1&site_visited=1 Message: Failed to load resource: the server responded with a status of 410 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
adservice.google.com
adservice.google.de
aj1616.online
b2c299fc36e5b3eddf5e0a0cd0f7aa0a.safeframe.googlesyndication.com
cdn.ampproject.org
csi.gstatic.com
fixidle.com
fonts.googleapis.com
fonts.gstatic.com
go.rcvlink.com
googleads.g.doubleclick.net
gum.criteo.com
img.redtram.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
r1---sn-4g5e6nzs.gvt1.com
redirector.gvt1.com
securepubads.g.doubleclick.net
showdream.org
st11.rcvlink.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
ua.redtram.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
fonts.googleapis.com
136.243.84.75
159.69.174.226
159.69.174.229
178.250.1.11
212.124.125.229
2404:6800:4003:c03::78
2a00:1450:4001:4c::6
2a00:1450:4001:800::200a
2a00:1450:4001:803::2003
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9c
2a02:2638:3::3
2a02:2638::1c
51.83.220.94
77.87.193.121
017d7aa39aab0f9a54071181ea666f0acb37fbd568333dbccbbbbe5cf9c00413
039c6e503ff45554769eacdfb99f38bcddfcec2f54edf55374cacc7944ed4289
03ac33d450c2a330a7dff7d63438023d0b4f3c80c1f1e77d8c9b192c3c46a2c2
04db99a3bd1ba4fa06c1cccb0033b47e7ec69fe0c61b84b84a746e084e3c20a2
089b822bd2dfdb4a9cf6dd25f8bdaab372a984d1ac0b84b692496a907edf8822
10e1a52a3ce8719eba4e61398b8b27049e4a2dd3984fc92dee4346f308ea743e
1584393a95874e40c5c6ef28c4a98d25727033d4f0087db2955906d973411f99
182dbc6c626c936352a67024be598d5d4811fa763bcec32045a9dfc030d6b627
183fb83835ba2925e8c4ce9831cbd632dfbf121b12face805ee227ecd71e5602
18c317eae10207aa15d489b44b620a31e2bda771f0a2dde16864f92b6ada2da1
1953b10ead91811364b97a444cc5c595220229a1a86087d5929dbc61e361013a
20047a80dc11dab8fc3d86e70bc30318f33f4a4c05aee820f7232449c1284c10
2181bde0d0ed400534486395bcc401c374656f09dab4fe16b2e3531ac896a6d9
2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2
27a1b39b94c3fe2a49fda43f7655c1bd747b8b30c66a5a137a8d093f78dd8570
27cbc622e66f9f919cf1b08bb2c708a309414fc67a679c86773a29dfbf3ed86b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33dd1289403dce2e4641af5a0a1fcf04e818c18c3823b828578bb92595c08b51
35675bfca1d347d42655715d07a6b61158bf47624e44186964c430ba12296606
35f40a61c72095405fd83a90437875d48eb5d4148622d95064157adf8021068a
381780fe4b266a90b982e15fe667537ebd1d0dda136af96ab3b22171877a6b5f
3fe137a0992a92cb261288b418e788cb7392fe99201becc9888c4c3f84d0628e
40dad8b56608c7e91a10a599a7b22a954339ed9dd4a9195741757fca634a9daa
414d5b10339a2111db5766b8bc03b2f9b2c41499e9d44116c58855de517bbedc
4517b85e15c8ced416975696710df85216a3bf009e543304f9ab3d4d62cf10a5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4df9b0e2f1e8c4502487f6f3b2facd080c293e58bff38298b3bd6efae7c8f15d
53afed2c670325e37bded1469dd92bfa27b25c647f880d3f9a4a821bbff2c62b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571861bffcbb11702a9a254709f0adb704c56b645d070d20760a62e2173dd678
579d9d9773858e863e7d802489f84b27b7f557b99900a3c6090a16ce8431ac45
589c37f3dcde1eb5e8fb138c3eeacb24217679ae02d3dd3ce10f0ee909e1d45d
58b598792cfb87d152f7db4857f2a0e88866d5054c8405d87b6ee801b88e95ee
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b2816980afc376b618fe8c176a242883e90199278e6bbbbe1c7c932f5ad50b2
60ff38edd44be2c5efdac343e045aa05d3692f92e2ec65e6ef6e16249642c502
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66af5d85560f25b8857229580d11c023509c32793df28162eca34790f007ea48
679be6469abfd055f5881af5a1284bf1422701440d7e614d18b2d62a88bc5dde
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6f6d67ba0e38ce82d634e5088f351d1cee69a655bcbf55294a3e540db4f0aab9
6ffa9c2ca53f2b49f3bb7198622eed85d8927be1e109b5c38c29af0cd3b6db87
708580a8c7f8267e45b116ee0ef38a07770928701c5876c14627a7505bca16e7
72c2816f30885d5d1b5f3f122c57f9b19202addecc9bdbd95a7142872543c109
79f788b0f0397c273433048771a9ea793f12276ca69861e0c54972888ecf7a73
7eabeb9d9678cddc9aab394df33b224bb0959a9301ab6ff41340d496241e2257
8048de511d7e44a2720e70ccdc950c86eeec12a7115befbbda4c763d1f103d1b
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
80f19d54f4ddc466c0a39b4ec70c7bb7b591ad8a549851bee87dc8ffc64f76a3
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
835c46f680eda60ae7a5ebe49e9a7c9187e98bdb7f859226cdee3a03f178c8b4
888fb427bd087d60ad91635c1de8c83debb566c0a37dc64460e6359d5d4d6cfa
8d6156ec79c43f29ecf544bf9eb4ef9f80e956c754ec7ff4cb6bb8f257e5275e
8da569a24b06c64a9903d50ffc8f11b452dc57f35df3abc4b04207fdab8d516d
8df11986771754af178fba4f59b6d15d08d86008e48d58a30a3b51aa9a748a98
8edab311c99898f1718491231cd0000c52dbdd92b1b80a6baa5b4a4130babf75
9a2bc5f13aa1bf843fb18398d67e0d1347468d0b7073a2e2201083e7d9fc7b95
9b95b9418a1ba3e1b55e8a09cbbd87f006ad8013717728cb7223e0b27320fa68
9c496c4d2503c92e4850380e3016629f664c5fb78e3771fb7a2f3cd16ed7595b
9ce61b5124c26ecd33fa1bb71f1b506610e41fbcd9f15b321af4706c6ddd42ef
a0c416e5579262673c946bc41fc39df46b36e90642b9bc2f09ac18edac22b65c
a42ec0e5c749102a8f66568ffa8846cc0c4af899195489b2753d80776a53e84c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a5f15a045d8aa4e016843d37e3ce72220e3f3f293d5f4fc4163938a41b2cbb2e
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8dc672ce8df944431ffd007323a891816e279b61863f8157076d3565463992a
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
af03659637be1c1928195d6e5a784317d067b5f107e61fbc56ecfa55e8e15b4e
af8acbc2767c737f4d6bbbc867129ea266a2c45204868c6317a3a8e2936092a3
b1ac2a15d8cde0a9d51c87a83edf6c77e1260aa1d6b05022aeca1b900688a51c
b96819b76509f1e513fab5441f9f4cb2246a57e4fe8cb22ec23b81b8876fd160
be1372e3426a60d187f932233c686b1b1e5b940b614a82d8c666ed2a7e486b68
bf0b9470f2e43fee2a6ec7add70df6983837101279d25efde83e2f1558660f72
c03f89a4bb5ef2d874f5befdc386a59b0a25309e231979c51e06bd4fcece3fd2
c37475a7a4f31878c57750adb6ab9ec24bb9a38249f18138ffb39136af5b6910
c6976f4c1b7a4098a795f0a9eb2087aa2f658748131b6bc8c29465cdcd7c02c9
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8ae9e6fd43a036f0093a392034316bfb58e8e1d4c0930035726146b9fdb99a
d05cd1f2823eeff6349da10bbbb7b6da3ea56dedde5dfd8a0f7ca12c50c710da
d99dd45e1f7290cf7232d0bbae5d63bfc9fe28ee0f0c9adf0be7a5b491cab987
d9d33b7e51f8cfa4d050016f3022d22a5be259e7bf25f1c9a648a429bd18fe46
db20165c3ba6b7b2abab5bcc04b5319619f88c844196a8227d7c7fb0796d9a93
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1e8d696ba74e8a23805b14729660fd985964adeb213071216b2d467ce572f4b
e25cac6f60a3bbe662d321d307e26c831c89217c10973605c66c9715b610575b
e32c53ae612d3f91643f58428a075fc2e8c1fdbea6272cee33a85ffb00759c5e
e35b5a38bfe4ad943e0b2930cbbe02bf8666f31637d90b4fe2f13783833bf347
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e7660cb0be97963f7f07af568e1f8cfd6e1d5face6fcc075779785a19f12b379
e7ed03676a878f0c034d9b46100a90515d810805f3d31d6aee4be53f2c138dfe
ea9f0a8726905c0e751230627a551a9fe10b9f54f6f7e3f65d4386c1ae954e6d
eb1c5e9e76ae38cd4e3bea5aea2200d12ebe71149eb964b183c5abbb30c3d647
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3fed9bb3bbd71930a3b962ae437b38150f5eb771983282a61bda84b44d053f5
f40d3c141e4a8113c2776b8bf925b29bf0daf540bb0dbb7ea28a717dd4a8cf55
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
ff5b0b23671a6e64095fcb3f0ddf56a672af3cd2c8fc51a01a73e3d567c61ba1

showdream.org Open in urlscan Pro 77.87.193.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

97 %HTTPS

76 %IPv6

20 Domains

31 Subdomains

29 IPs

6 Countries

3701 kBTransfer

5232 kBSize

18 Cookies

4 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

showdream.org Open in urlscan Pro
77.87.193.121 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

97 %
HTTPS

76 %
IPv6

20
Domains

31
Subdomains

29
IPs

6
Countries

3701 kB
Transfer

5232 kB
Size

18
Cookies

129 HTTP transactions
3 data transactions