urlscan.io logo urlscan.io
SecurityTrails logo

content.dreamproducts.com Open in urlscan Pro
13.57.150.131  Public Scan

Go To Rescan Add Verdict Report
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Submission: On September 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 30 HTTP transactions. The main IP is 13.57.150.131, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is content.dreamproducts.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 12th 2023. Valid for: a year.
This is the only time content.dreamproducts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 13.57.150.131 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
11 11 23.53.43.24 20940 (AKAMAI-ASN1)
8 11 3.224.183.176 14618 (AMAZON-AES)
6 2600:9000:223... 16509 (AMAZON-02)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 44.205.93.51 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
30 7
14    13.57.150.131 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-57-150-131.us-west-1.compute.amazonaws.com
content.dreamproducts.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    23.53.43.24 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-24.deploy.static.akamaitechnologies.com
secureli.dreamproducts.com
11    3.224.183.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-183-176.compute-1.amazonaws.com
p.liadm.com
6    2600:9000:223f:dc00:16:3fe3:5f80:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.licasd.com
1    2600:1f18:ed:550e:7788:20d6:1dfc:d414 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    44.205.93.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-93-51.compute-1.amazonaws.com
i.liadm.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
25 dreamproducts.com
content.dreamproducts.com
secureli.dreamproducts.com
319 KB
13 liadm.com
p.liadm.com — Cisco Umbrella Rank: 9763
i6.liadm.com — Cisco Umbrella Rank: 4419
i.liadm.com — Cisco Umbrella Rank: 1067
3 KB
6 licasd.com
c.licasd.com — Cisco Umbrella Rank: 11447
264 KB
3 gstatic.com
fonts.gstatic.com
56 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
2 KB
30 5
Domain Requested by
14 content.dreamproducts.com content.dreamproducts.com
11 p.liadm.com 8 redirects content.dreamproducts.com
11 secureli.dreamproducts.com 11 redirects
6 c.licasd.com content.dreamproducts.com
3 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com content.dreamproducts.com
1 i.liadm.com content.dreamproducts.com
1 i6.liadm.com content.dreamproducts.com
30 8

This site contains no links.

Subject Issuer Validity Valid
content.dreamproducts.com
Amazon RSA 2048 M02		 2023-04-12 -
2024-05-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Frame ID: AC8C6EA5D81EFF0C30367A8F5735E644
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dream Products

Page Statistics

30
Requests

63 %
HTTPS

50 %
IPv6

5
Domains

8
Subdomains

7
IPs

2
Countries

629 kB
Transfer

672 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://secureli.dreamproducts.com/imp?s=804799&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=default HTTP 301
  • https://p.liadm.com/imp?s=804799&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=default&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nk2hs1pfnx19abhj4p3 HTTP 302
  • https://c.licasd.com/ads/0b35b37a096011e584fa1231392ea33d/3393a5c121a84562b7fa2d99bbd74841.jpg
Request Chain 9
  • https://secureli.dreamproducts.com/imp?s=804800&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=static HTTP 301
  • https://p.liadm.com/imp?s=804800&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=static&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nb3m2x87k7ypcf8y2e5 HTTP 302
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Request Chain 10
  • https://secureli.dreamproducts.com/imp?s=804802&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=static HTTP 301
  • https://p.liadm.com/imp?s=804802&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=static&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nbddkr2scjcbvhbvjh0 HTTP 302
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png
Request Chain 11
  • https://secureli.dreamproducts.com/imp?s=804803&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=default HTTP 301
  • https://p.liadm.com/imp?s=804803&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=default&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4ncv0hk0zema4mm5d5v9 HTTP 302
  • https://c.licasd.com/ads/ca3aeba04cb011eea89c0afccbe42e93/0f440ccdca49413051c8eeaf02c6e7da.jpg
Request Chain 12
  • https://secureli.dreamproducts.com/imp?s=804804&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=static HTTP 301
  • https://p.liadm.com/imp?s=804804&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=static&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nefkw6whasmz389cnbk HTTP 302
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Request Chain 13
  • https://secureli.dreamproducts.com/imp?s=804806&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=static HTTP 301
  • https://p.liadm.com/imp?s=804806&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=static&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4ng07d98vrj6p8gth04q HTTP 302
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png
Request Chain 20
  • https://secureli.dreamproducts.com/imp?s=126429800&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=pixel HTTP 301
  • https://p.liadm.com/imp?s=126429800&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nk2hs1pfnx19abhj4p3 HTTP 302
  • https://i6.liadm.com/s/section/126429800?m=75ff26f94af1f0f11bee848b83e88c65&sh1=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&source=safe_rtb
Request Chain 21
  • https://secureli.dreamproducts.com/imp?s=126429801&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=pixel HTTP 301
  • https://p.liadm.com/imp?s=126429801&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nk2hs1pfnx19abhj4p3 HTTP 302
  • https://i.liadm.com/s/section/126429801?m=75ff26f94af1f0f11bee848b83e88c65&sh1=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&source=safe_rtb
Request Chain 22
  • https://secureli.dreamproducts.com/imp?s=126429802&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=pixel HTTP 301
  • https://p.liadm.com/imp?s=126429802&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nk2hs1pfnx19abhj4p3
Request Chain 23
  • https://secureli.dreamproducts.com/imp?s=126429803&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=pixel HTTP 301
  • https://p.liadm.com/imp?s=126429803&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nk2hs1pfnx19abhj4p3
Request Chain 24
  • https://secureli.dreamproducts.com/imp?s=126429804&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=pixel HTTP 301
  • https://p.liadm.com/imp?s=126429804&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nk2hs1pfnx19abhj4p3

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
content.dreamproducts.com/ 		56 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0a302292e31b7b8c4caf59435c14200d786d32694d908bc3c351c83c3b7ddca7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
11792
content-transfer-encoding
8bit
content-type
text/html; charset=utf-8
date
Fri, 22 Sep 2023 16:56:31 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,600,700
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Sep 2023 16:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 15:25:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Sep 2023 16:56:32 GMT
css
fonts.googleapis.com/ 		750 B
454 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Courgette:400
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bce2a44775c55b7a8695d51665f589c3599f665ebaf2914747e416196008f701
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Sep 2023 16:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 16:56:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Sep 2023 16:56:32 GMT
dp_logo235_67.jpg
content.dreamproducts.com/images/449/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.dreamproducts.com/images/449/dp_logo235_67.jpg
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6cfd1e83c88d958b0ee45a40803e4ac31154c69b90da0cf9b869a8f6e4ea60bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:56:32 GMT
last-modified
Fri, 15 Sep 2023 18:15:40 GMT
server
Microsoft-IIS/10.0
etag
"16834a20e8d91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
12168
oneacross_img1.jpg
content.dreamproducts.com/images/449/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.dreamproducts.com/images/449/oneacross_img1.jpg
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
78df5ca7d331a10920100aa68374248084be83719f9b4f6df7b887266cf24f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:56:32 GMT
last-modified
Fri, 15 Sep 2023 18:15:40 GMT
server
Microsoft-IIS/10.0
etag
"998d76a20e8d91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
40227
oneacross_img2.jpg
content.dreamproducts.com/images/449/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.dreamproducts.com/images/449/oneacross_img2.jpg
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6027413c59c5e5cb903fb531167866eddb351f7cf628d93479248733b51f38ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:56:32 GMT
last-modified
Fri, 15 Sep 2023 18:15:40 GMT
server
Microsoft-IIS/10.0
etag
"19f47ea20e8d91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
56774
oneacross_img3.jpg
content.dreamproducts.com/images/449/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.dreamproducts.com/images/449/oneacross_img3.jpg
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
22bf26e489639e09e9266ec6c59aeb287c84e2ef2f70812b4d0da4758e0d21ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:56:32 GMT
last-modified
Fri, 15 Sep 2023 18:15:40 GMT
server
Microsoft-IIS/10.0
etag
"d28e86a20e8d91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
36992
oneacross_img4.jpg
content.dreamproducts.com/images/449/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.dreamproducts.com/images/449/oneacross_img4.jpg
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bc7ccc323fec061ea9a1d609bd59f0c8e023b8fcd197ac9b203f7cc26444b7b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:56:32 GMT
last-modified
Fri, 15 Sep 2023 18:15:40 GMT
server
Microsoft-IIS/10.0
etag
"f6418da20e8d91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
42593
specialoffers_bn.jpg
content.dreamproducts.com/images/449/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.dreamproducts.com/images/449/specialoffers_bn.jpg
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d4c18407f69ebe1acb5122b67cdcdbf6a3896fe814b9fe9165d0c64b60b7b7ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:56:32 GMT
last-modified
Fri, 15 Sep 2023 18:15:40 GMT
server
Microsoft-IIS/10.0
etag
"c8d95a20e8d91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
47373
3393a5c121a84562b7fa2d99bbd74841.jpg
c.licasd.com/ads/0b35b37a096011e584fa1231392ea33d/
Redirect Chain
  • https://secureli.dreamproducts.com/imp?s=804799&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=default
  • https://p.liadm.com/imp?s=804799&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=default&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=97...
  • https://c.licasd.com/ads/0b35b37a096011e584fa1231392ea33d/3393a5c121a84562b7fa2d99bbd74841.jpg
93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.licasd.com/ads/0b35b37a096011e584fa1231392ea33d/3393a5c121a84562b7fa2d99bbd74841.jpg
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H3
Server
2600:9000:223f:dc00:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ad6c8e20432ec53561bbbfbb1a7a39e89378a449940bf3b0e51b1cbcc403775
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-amz-version-id
UZy3MFrphdi_BzQmS_kvG4WcrxwF4F1z
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
date
Fri, 22 Sep 2023 05:56:09 GMT
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
39625
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
95122
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Apr 2023 20:27:57 GMT
server
AmazonS3
etag
"a224e67e4204571afcbb964303529b4c"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
ywxmeEDl2YspfG2aEfETacCfz3hx9RJ19TNvzY7OkCOPARlrelqRGQ==

Redirect headers

Location
https://c.licasd.com/ads/0b35b37a096011e584fa1231392ea33d/3393a5c121a84562b7fa2d99bbd74841.jpg
Date
Fri, 22 Sep 2023 16:56:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
94c8cd36dc1428947beeb6283056d111.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/
Redirect Chain
  • https://secureli.dreamproducts.com/imp?s=804800&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=static
  • https://p.liadm.com/imp?s=804800&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=static&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974...
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H3
Server
2600:9000:223f:dc00:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7df42999b17c3dd8039a37c41774eaa804db05245669e742e2e686b8da507bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-amz-version-id
HN11YLzIVq66javzGXi4S3QzgCBPAuc7
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
date
Fri, 22 Sep 2023 05:50:14 GMT
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
61020
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1255
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Apr 2023 19:40:36 GMT
server
AmazonS3
etag
"6956da20f9d008ec379926ee358e5594"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
Q5jQo8GhZNIn3V9QmB_rG9K9ihKdnpV-CGngxNhoNzQSaY1rOJChSw==

Redirect headers

Location
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Date
Fri, 22 Sep 2023 16:56:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
27e30bebaaece921293946f3c75ca02b.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/
Redirect Chain
  • https://secureli.dreamproducts.com/imp?s=804802&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=static
  • https://p.liadm.com/imp?s=804802&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=static&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974...
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png
15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H3
Server
2600:9000:223f:dc00:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5417ebe6c4d945b5780b26bff7af7b190dd85ebd80a273f91bfb18c948eb20ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-amz-version-id
iQ1zkSQH9f2qB5gRl4IvHcVzH6cXJBvh
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
date
Fri, 22 Sep 2023 03:02:33 GMT
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
50041
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15721
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Apr 2023 19:42:22 GMT
server
AmazonS3
etag
"c56fae17aa690ac40e2a23fbf5796b60"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
pC2NtbiKnHpyx8oFu8ZIj5x1GR38jgrCVRNnbqYgFLpiGa-7giTsZQ==

Redirect headers

Location
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png
Date
Fri, 22 Sep 2023 16:56:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
0f440ccdca49413051c8eeaf02c6e7da.jpg
c.licasd.com/ads/ca3aeba04cb011eea89c0afccbe42e93/
Redirect Chain
  • https://secureli.dreamproducts.com/imp?s=804803&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=default
  • https://p.liadm.com/imp?s=804803&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=default&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=97...
  • https://c.licasd.com/ads/ca3aeba04cb011eea89c0afccbe42e93/0f440ccdca49413051c8eeaf02c6e7da.jpg
135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.licasd.com/ads/ca3aeba04cb011eea89c0afccbe42e93/0f440ccdca49413051c8eeaf02c6e7da.jpg
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Server
2600:9000:223f:dc00:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7dac914feaabd8a6c88f01d1cf05d83627f41f4bfcfea5d18871a373429cc3ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
QVqRgJnQfmWuEIhMX6FezeOK16QnqKqd
date
Fri, 22 Sep 2023 05:57:03 GMT
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
39571
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
138318
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 15 Sep 2023 14:52:11 GMT
server
AmazonS3
etag
"67a8d9461e899a23b1ce3ffd36ad2079"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
MQOdhkm-Fanqde2v8v3gSVq3k4jpR2pDufs9UdHdzP4f_xZ_2939Ow==

Redirect headers

Location
https://c.licasd.com/ads/ca3aeba04cb011eea89c0afccbe42e93/0f440ccdca49413051c8eeaf02c6e7da.jpg
Date
Fri, 22 Sep 2023 16:56:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
94c8cd36dc1428947beeb6283056d111.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/
Redirect Chain
  • https://secureli.dreamproducts.com/imp?s=804804&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=static
  • https://p.liadm.com/imp?s=804804&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=static&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974...
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Server
2600:9000:223f:dc00:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7df42999b17c3dd8039a37c41774eaa804db05245669e742e2e686b8da507bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
HN11YLzIVq66javzGXi4S3QzgCBPAuc7
date
Fri, 22 Sep 2023 05:50:14 GMT
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
61020
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1255
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Apr 2023 19:40:36 GMT
server
AmazonS3
etag
"6956da20f9d008ec379926ee358e5594"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
x4SNopcgmYI_pMnP3uGDFmxNX6v2tBcyao_rAuklKwRsgRgq0GPxBA==

Redirect headers

Location
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Date
Fri, 22 Sep 2023 16:56:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
27e30bebaaece921293946f3c75ca02b.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/
Redirect Chain
  • https://secureli.dreamproducts.com/imp?s=804806&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=static
  • https://p.liadm.com/imp?s=804806&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=static&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974...
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png
15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Server
2600:9000:223f:dc00:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5417ebe6c4d945b5780b26bff7af7b190dd85ebd80a273f91bfb18c948eb20ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
iQ1zkSQH9f2qB5gRl4IvHcVzH6cXJBvh
date
Fri, 22 Sep 2023 03:02:33 GMT
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P5
age
50041
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15721
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Apr 2023 19:42:22 GMT
server
AmazonS3
etag
"c56fae17aa690ac40e2a23fbf5796b60"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
SiohO8p6wGrZ6SSOsAefGaZRAIYyyzsBEpopvn2KGVjXih7Yp5la6g==

Redirect headers

Location
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png
Date
Fri, 22 Sep 2023 16:56:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
logo_MilesKimball.png
content.dreamproducts.com/images/449/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.dreamproducts.com/images/449/logo_MilesKimball.png
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1cec34ee5d1eb8f01323ba060f033db365f78c310333d2dc50014eab9cc6d991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:56:32 GMT
last-modified
Fri, 15 Sep 2023 18:15:40 GMT
server
Microsoft-IIS/10.0
etag
"954561a20e8d91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3576
logo_easyComforts.png
content.dreamproducts.com/images/449/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.dreamproducts.com/images/449/logo_easyComforts.png
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8f606f8c3f97efa401cb9e3682d5c9c2284d0d5c58fe006ae432ea1b96aa946c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:56:32 GMT
last-modified
Fri, 15 Sep 2023 18:15:40 GMT
server
Microsoft-IIS/10.0
etag
"50e45ba20e8d91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
4122
logo_WalterDrake.png
content.dreamproducts.com/images/449/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.dreamproducts.com/images/449/logo_WalterDrake.png
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d7d4e0ddb6b04ba9023ebb161b5358caf74255fed7473f36caafe2216c659086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:56:32 GMT
last-modified
Fri, 15 Sep 2023 18:15:40 GMT
server
Microsoft-IIS/10.0
etag
"8eb26fa20e8d91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3241
logo_NativeRemedies.png
content.dreamproducts.com/images/449/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.dreamproducts.com/images/449/logo_NativeRemedies.png
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
afdfa55bbbbe81be16e210e378af48c69e04039c885cab68991cc7f459ca573a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:56:32 GMT
last-modified
Fri, 15 Sep 2023 18:15:40 GMT
server
Microsoft-IIS/10.0
etag
"c5868a20e8d91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
4122
icon_facebook.jpg
content.dreamproducts.com/images/449/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.dreamproducts.com/images/449/icon_facebook.jpg
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
17f5aa5500fbb56436230543185c8691e161731ec3bf8918d420922b619c3176

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:56:32 GMT
last-modified
Fri, 15 Sep 2023 18:15:40 GMT
server
Microsoft-IIS/10.0
etag
"ba324ea20e8d91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
2035
blog.png
content.dreamproducts.com/images/449/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.dreamproducts.com/images/449/blog.png
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0de9953b428d02c358f61db6179981a9858a92fa474165d2a79440416a0c3698

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:56:32 GMT
last-modified
Fri, 15 Sep 2023 18:15:40 GMT
server
Microsoft-IIS/10.0
etag
"cc241da20e8d91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
4582
126429800
i6.liadm.com/s/section/
Redirect Chain
  • https://secureli.dreamproducts.com/imp?s=126429800&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=pixel
  • https://p.liadm.com/imp?s=126429800&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=9...
  • https://i6.liadm.com/s/section/126429800?m=75ff26f94af1f0f11bee848b83e88c65&sh1=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&source=...
0
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/section/126429800?m=75ff26f94af1f0f11bee848b83e88c65&sh1=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&source=safe_rtb
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:7788:20d6:1dfc:d414 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 16:56:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2

Redirect headers

Location
https://i6.liadm.com/s/section/126429800?m=75ff26f94af1f0f11bee848b83e88c65&sh1=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&source=safe_rtb
Date
Fri, 22 Sep 2023 16:56:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
126429801
i.liadm.com/s/section/
Redirect Chain
  • https://secureli.dreamproducts.com/imp?s=126429801&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=pixel
  • https://p.liadm.com/imp?s=126429801&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=9...
  • https://i.liadm.com/s/section/126429801?m=75ff26f94af1f0f11bee848b83e88c65&sh1=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&source=s...
0
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/section/126429801?m=75ff26f94af1f0f11bee848b83e88c65&sh1=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&source=safe_rtb
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
HTTP/1.1
Server
44.205.93.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-93-51.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 16:56:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2

Redirect headers

Location
https://i.liadm.com/s/section/126429801?m=75ff26f94af1f0f11bee848b83e88c65&sh1=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&source=safe_rtb
Date
Fri, 22 Sep 2023 16:56:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
imp
p.liadm.com/
Redirect Chain
  • https://secureli.dreamproducts.com/imp?s=126429802&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=pixel
  • https://p.liadm.com/imp?s=126429802&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=9...
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.liadm.com/imp?s=126429802&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nk2hs1pfnx19abhj4p3
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
HTTP/1.1
Server
3.224.183.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-183-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 16:56:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 22 Sep 2023 16:56:33 GMT
Content-Type
text/html
Location
https://p.liadm.com/imp?s=126429802&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nk2hs1pfnx19abhj4p3
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Fri, 22 Sep 2023 16:56:33 GMT
imp
p.liadm.com/
Redirect Chain
  • https://secureli.dreamproducts.com/imp?s=126429803&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=pixel
  • https://p.liadm.com/imp?s=126429803&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=9...
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.liadm.com/imp?s=126429803&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nk2hs1pfnx19abhj4p3
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
HTTP/1.1
Server
3.224.183.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-183-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 16:56:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 22 Sep 2023 16:56:33 GMT
Content-Type
text/html
Location
https://p.liadm.com/imp?s=126429803&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nk2hs1pfnx19abhj4p3
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Fri, 22 Sep 2023 16:56:33 GMT
imp
p.liadm.com/
Redirect Chain
  • https://secureli.dreamproducts.com/imp?s=126429804&li=21257&e=marcy-lawless@utulsa.edu&p=2023-09-22;09:56:31&stpe=pixel
  • https://p.liadm.com/imp?s=126429804&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=9...
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.liadm.com/imp?s=126429804&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nk2hs1pfnx19abhj4p3
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
HTTP/1.1
Server
3.224.183.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-183-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 16:56:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 22 Sep 2023 16:56:33 GMT
Content-Type
text/html
Location
https://p.liadm.com/imp?s=126429804&li=21257&p=2023-09-22%3B09%3A56%3A31&stpe=pixel&m=75ff26f94af1f0f11bee848b83e88c65&mo=75ff26f94af1f0f11bee848b83e88c65&mol=75ff26f94af1f0f11bee848b83e88c65&mou=974daa341afe32f026ea55d3d486c2e6&msu=974daa341afe32f026ea55d3d486c2e6&mold=75ff26f94af1f0f11bee848b83e88c65&sh=3c4baa0f0d7955c28c25f2114357105295b94e83&sh2=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2o=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ol=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&sh2ou=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2su=c7514fd8e67037eef7a9a37d74a5b42af2b9b81c3673732bb794580972a77bba&sh2old=4d750625ef711525172e7ee9c3034e91f3df5a3f1972a575f6abdad2f70776e5&dom=utulsa.edu&_lc2_fpi=f8212f901491--01hayx4nk2hs1pfnx19abhj4p3
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Fri, 22 Sep 2023 16:56:33 GMT
feature_img.jpg
content.dreamproducts.com/images/449/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.dreamproducts.com/images/449/feature_img.jpg
Requested by
Host: content.dreamproducts.com
URL: https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.150.131 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-150-131.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
190773d3dcc8fbead8122078b841e95f10b5365850d2b3a9e610bffe97bccbc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.dreamproducts.com/?E7Lplwd8eKeRXd09Hbmts3pYrUwrZjpeE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:56:33 GMT
last-modified
Fri, 15 Sep 2023 18:15:40 GMT
server
Microsoft-IIS/10.0
etag
"f5dd40a20e8d91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
40657
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://content.dreamproducts.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:52:03 GMT
x-content-type-options
nosniff
age
162270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Sep 2024 19:52:03 GMT
wEO_EBrAnc9BLjLQAUk1VvoK.woff2
fonts.gstatic.com/s/courgette/v17/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/courgette/v17/wEO_EBrAnc9BLjLQAUk1VvoK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405773c896e1955562d347744121c4bdfb078188d311b13fcb6471444d191400
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://content.dreamproducts.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 06:19:11 GMT
x-content-type-options
nosniff
age
297442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24964
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:58:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Sep 2024 06:19:11 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://content.dreamproducts.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:26:14 GMT
x-content-type-options
nosniff
age
257419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Sep 2024 17:26:14 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Domain/Path Name / Value
.dreamproducts.com/ Name: _lc2_fpi
Value: f8212f901491--01hayx4nk2hs1pfnx19abhj4p3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.licasd.com
content.dreamproducts.com
fonts.googleapis.com
fonts.gstatic.com
i.liadm.com
i6.liadm.com
p.liadm.com
secureli.dreamproducts.com
13.57.150.131
23.53.43.24
2600:1f18:ed:550e:7788:20d6:1dfc:d414
2600:9000:223f:dc00:16:3fe3:5f80:93a1
2a00:1450:4001:827::200a
2a00:1450:4001:829::2003
3.224.183.176
44.205.93.51
0a302292e31b7b8c4caf59435c14200d786d32694d908bc3c351c83c3b7ddca7
0de9953b428d02c358f61db6179981a9858a92fa474165d2a79440416a0c3698
17f5aa5500fbb56436230543185c8691e161731ec3bf8918d420922b619c3176
190773d3dcc8fbead8122078b841e95f10b5365850d2b3a9e610bffe97bccbc6
1cec34ee5d1eb8f01323ba060f033db365f78c310333d2dc50014eab9cc6d991
22bf26e489639e09e9266ec6c59aeb287c84e2ef2f70812b4d0da4758e0d21ad
3ad6c8e20432ec53561bbbfbb1a7a39e89378a449940bf3b0e51b1cbcc403775
405773c896e1955562d347744121c4bdfb078188d311b13fcb6471444d191400
5417ebe6c4d945b5780b26bff7af7b190dd85ebd80a273f91bfb18c948eb20ac
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6027413c59c5e5cb903fb531167866eddb351f7cf628d93479248733b51f38ec
6cfd1e83c88d958b0ee45a40803e4ac31154c69b90da0cf9b869a8f6e4ea60bf
78df5ca7d331a10920100aa68374248084be83719f9b4f6df7b887266cf24f19
7dac914feaabd8a6c88f01d1cf05d83627f41f4bfcfea5d18871a373429cc3ed
7df42999b17c3dd8039a37c41774eaa804db05245669e742e2e686b8da507bff
8f606f8c3f97efa401cb9e3682d5c9c2284d0d5c58fe006ae432ea1b96aa946c
afdfa55bbbbe81be16e210e378af48c69e04039c885cab68991cc7f459ca573a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bc7ccc323fec061ea9a1d609bd59f0c8e023b8fcd197ac9b203f7cc26444b7b4
bce2a44775c55b7a8695d51665f589c3599f665ebaf2914747e416196008f701
d4c18407f69ebe1acb5122b67cdcdbf6a3896fe814b9fe9165d0c64b60b7b7ce
d7d4e0ddb6b04ba9023ebb161b5358caf74255fed7473f36caafe2216c659086
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e