Submitted URL: http://fastlove.us//profile/
Effective URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c9...
Submission: On November 22 via manual from US — Scanned from US

Summary

This website contacted 15 IPs in 2 countries across 16 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3037::6815:34c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is ameliadreams.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 9th 2022. Valid for: a year.
This is the only time ameliadreams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
13 ameliadreams.com
ameliadreams.com
462 KB
2 google.com
accounts.google.com
1 KB
2 exoclick.com
a.exoclick.com — Cisco Umbrella Rank: 142275
syndication.exoclick.com — Cisco Umbrella Rank: 31150
1 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2222
37 KB
2 svntrk.com
svntrk.com — Cisco Umbrella Rank: 286776
4 KB
2 fastlove.us
fastlove.us
2 KB
1 yandex.com
mc.yandex.com
160 B
1 realsrv.com
syndication.realsrv.com — Cisco Umbrella Rank: 10620
249 B
1 opoxv.com
s.opoxv.com — Cisco Umbrella Rank: 53788
249 B
1 exdynsrv.com
syndication.exdynsrv.com — Cisco Umbrella Rank: 47331
249 B
1 facebook.com
www.facebook.com
1 instagram.com
www.instagram.com
1 yandex.ru
mc.yandex.ru
72 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 201
7 KB
1 logicdate.com
logicdate.com
2 KB
1 whaleclick.info
your.whaleclick.info
676 B
31 16
Domain Requested by
13 ameliadreams.com ameliadreams.com
2 accounts.google.com 1 redirects ameliadreams.com
2 stackpath.bootstrapcdn.com ameliadreams.com
2 svntrk.com logicdate.com
ameliadreams.com
2 fastlove.us 1 redirects
1 mc.yandex.com ameliadreams.com
1 syndication.realsrv.com ameliadreams.com
1 s.opoxv.com ameliadreams.com
1 syndication.exoclick.com ameliadreams.com
1 syndication.exdynsrv.com ameliadreams.com
1 www.facebook.com ameliadreams.com
1 www.instagram.com ameliadreams.com
1 mc.yandex.ru ameliadreams.com
1 a.exoclick.com ameliadreams.com
1 cdnjs.cloudflare.com ameliadreams.com
1 logicdate.com
1 your.whaleclick.info 1 redirects
31 17

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-27 -
2023-08-27
a year crt.sh
*.svntrk.com
E1
2022-10-01 -
2022-12-30
3 months crt.sh
*.exoclick.com
Go Daddy Secure Certificate Authority - G2
2022-08-03 -
2023-09-04
a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2022-10-18 -
2023-03-30
5 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA
2022-09-01 -
2022-11-30
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-09-01 -
2022-11-30
3 months crt.sh
exdynsrv.com
R3
2022-10-03 -
2023-01-01
3 months crt.sh
exoclick.com
R3
2022-10-03 -
2023-01-01
3 months crt.sh
opoxv.com
R3
2022-10-03 -
2023-01-01
3 months crt.sh
realsrv.com
R3
2022-10-03 -
2023-01-01
3 months crt.sh

This page contains 1 frames:

Primary Page: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Frame ID: FA143D48408B6D0B46B537D4D20C95D9
Requests: 31 HTTP requests in this frame

Screenshot

Page Title

Amelia Dreams

Page URL History Show full URLs

  1. http://fastlove.us//profile/ HTTP 301
    http://fastlove.us/Join.php Page URL
  2. https://your.whaleclick.info/click?pid=59&offer_id=117 HTTP 302
    https://logicdate.com/dc?s1=ad_wc1&s3=59&s2=637d13a0a1618100018ef794&s4=&lb=1&oid=59283_59282 Page URL
  3. https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

90 %
HTTPS

80 %
IPv6

16
Domains

17
Subdomains

15
IPs

2
Countries

587 kB
Transfer

1023 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fastlove.us//profile/ HTTP 301
    http://fastlove.us/Join.php Page URL
  2. https://your.whaleclick.info/click?pid=59&offer_id=117 HTTP 302
    https://logicdate.com/dc?s1=ad_wc1&s3=59&s2=637d13a0a1618100018ef794&s4=&lb=1&oid=59283_59282 Page URL
  3. https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://fastlove.us//profile/ HTTP 301
  • http://fastlove.us/Join.php
Request Chain 1
  • https://your.whaleclick.info/click?pid=59&offer_id=117 HTTP 302
  • https://logicdate.com/dc?s1=ad_wc1&s3=59&s2=637d13a0a1618100018ef794&s4=&lb=1&oid=59283_59282
Request Chain 23
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=de&service=youtube HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-50062685%3A1669141412407374&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=de&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsu4vehj9kJ7IfyMa-RFyNuFIjlcPT1X96Yd-y3vQSPpk20AAb0dPP5XWn2V7L8WAszCIjegg
Request Chain 28
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9830.mPpBxgxRaE73Ws_l1iKZrlFjZB_nNKq75UGzFTlvYhnMssHXyal49gk0yTyUHLiQ.dV8ELhUkiFA1xeNd2FQviyRglN4%2C

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Join.php
fastlove.us/
Redirect Chain
  • http://fastlove.us//profile/
  • http://fastlove.us/Join.php
394 B
1009 B
Document
General
Full URL
http://fastlove.us/Join.php
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:a3c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
d614bf22f7e26f44a77e5fa70579302b4b19d0e2ed58897ce5ff59beaf7ff656

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
76e3b24aaec9db11-MIA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 18:23:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3iOo%2FUyQOeSbsJ8BzCT9jQr5l9RkwjreYIVatk34hXQuyDDm8cdr6RcChw%2FCXyBB5ILnNFlQqfKhCDZUG0QyY5fnNU8Ln0g11UBv7xkdT9bEV2P86varozYg2KihPhyLUQ6fYBtxtkkdg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
76e3b2494beddb11-MIA
Connection
keep-alive
Content-Type
text/html
Date
Tue, 22 Nov 2022 18:23:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpdiA8g8MKPEtnEOCrvTyhI12kZmomf4ndhfDAFQfaZDVFmspR%2BQWKvZ8mdP15eedL87bXOLYjk%2BggQxZjlEISx4I8FcEnEDZ1S5cpdpEipkrGnUPi8bZk%2FlfVjR3hBdHJrRvkYZD7DiIg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
location
http://fastlove.us/Join.php
x-turbo-charged-by
LiteSpeed
dc
logicdate.com/
Redirect Chain
  • https://your.whaleclick.info/click?pid=59&offer_id=117
  • https://logicdate.com/dc?s1=ad_wc1&s3=59&s2=637d13a0a1618100018ef794&s4=&lb=1&oid=59283_59282
2 KB
2 KB
Document
General
Full URL
https://logicdate.com/dc?s1=ad_wc1&s3=59&s2=637d13a0a1618100018ef794&s4=&lb=1&oid=59283_59282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:20c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb9871c26f5ad38a07c98061aa53cdffc7fb63b694b7ee93f1de100315cb8b99

Request headers

Referer
http://fastlove.us/Join.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
76e3b24fa81009d2-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 18:23:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDO%2F6KXjPP%2BYwc5DQVdNtEpreJP3gVbwG%2BVRyHGEremo%2FpeqaoQjqJoukDfC4Rd2BTtMChqq6tJidnK5%2Fis4C7%2Bw201BkhAe9hnVC6IHXu20cPIeLMIyHMWZrW7QWCoxz%2BUkchmasGuVzr2J"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76e3b24d1da8036a-MIA
content-length
0
date
Tue, 22 Nov 2022 18:23:29 GMT
location
https://logicdate.com/dc?s1=ad_wc1&s3=59&s2=637d13a0a1618100018ef794&s4=&lb=1&oid=59283_59282
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKLgLVr5YSChYLZqdwlOFuuhsqWY6UdWnutd8wUhpW2fQDPtq4RwILMWz3eZgJ0R8XST%2FIynhjUcyIPSwKpfCM%2BeQhenvSXhwxtn7gnMCJI5fVNCCBAzqZrN%2BcPdSj0PaZebjzHPETwqtckNTUyaVRU6jA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-adjust-use-original-forwarded-for
1
analytics_d2e_pp.js
svntrk.com/assets/
9 KB
3 KB
Script
General
Full URL
https://svntrk.com/assets/analytics_d2e_pp.js?r=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&c=ad_wc1&p=59&s=&s2=637d13a0a1618100018ef794&s5=&lbid=&lb=1&lbcid=&dmn=logicdate.com&rot=&bt=&fwbid=76031
Requested by
Host: logicdate.com
URL: https://logicdate.com/dc?s1=ad_wc1&s3=59&s2=637d13a0a1618100018ef794&s4=&lb=1&oid=59283_59282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c56e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:29 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zv4gcxjngjeFf4NWi1rPCaBEukyKiRIagfOCPoaJddquGZsGNwg%2F5gydB7cjBLSfRhJ0IRIdUUZ1iIb9y8LXwnWsyCq0%2F2RFYu6tk1rI7CF3r1l2IEg%2B2UbHKLbHw%2FNPfOKrOBP2yxF3"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, private
cf-ray
76e3b2526a08dadd-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request landing2
ameliadreams.com/
8 KB
4 KB
Document
General
Full URL
https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:34c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9236f102893c433a363d586cc7cfa272f423d1d51c5b541c1cfc6d5b80a4ff63

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
76e3b25d5d2d6dd1-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 18:23:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1U%2B7ZlEOTSm1Us9wXlZSVOQTdxjy6BOlZ7kQqUkPIDJdwUut9W1KYVK2%2BchCKC9SfQG1dSJLBBx6uxc1Vu8t0FBOC6d9eVetIBlvZ3VHukS7s17550x3YLBfYL0NJL04%2BNJv02oo6uEbIRwwKTV8"}],"group":"cf-nel","max_age":604800}
server
cloudflare
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/
138 KB
22 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ameliadreams.com/
Origin
https://ameliadreams.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
871
age
1906478
cdn-cachedat
07/08/2022 18:56:48
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7f4c68a0955c27d37d7c8f40e65486bc
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
76e3b25fdc3767c8-MIA
cdn-requestpullsuccess
True
font-awesome.min.css
ameliadreams.com/bk/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://ameliadreams.com/bk/css/font-awesome.min.css
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:34c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Nov 2022 05:14:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5043
etag
W/"636b372e-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AtDooSkLV6SWl9AXOriIZudHFp4IXbLCQxM3q4xeaukoCn0vh49Mo2V4JjR2yOO4yT4PnlAtAokZSfBCwxopM5qbTYAcoVUI64Tmi4yKKKt3msLah%2FN7bWng9frl9JVzUGvBIG1bou1GvxfULAC"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
76e3b25f3fe26dd1-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.css
ameliadreams.com/ameliadreams_com/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://ameliadreams.com/ameliadreams_com/css/main.css
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:34c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aca63d7a1ce75b3b6ccaafb05ad3e94cd2f95243efbadeb24cb14df44c2c5bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Nov 2022 05:14:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5081
etag
W/"636b372e-4901"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwHd8nYies86qVijJWe21iwH706qxPX6sLQtm9BkqcfH8cHLecCingbmKQ445cCs%2BYhYELLVJ0ykh9BgtjmSMeHbGVB9Z3wq13hu1VldG8TvFJ4n3oajE4siAc7LBZ65UXhd9%2FxmVB5qYcm3sDny"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
76e3b25f3fe36dd1-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
svntrk.com/assets/
69 B
443 B
Script
General
Full URL
https://svntrk.com/assets/analytics.js?cb=637d13a3828e4
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c56e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5d71d8bd00501171d05296c340b73906fc5eab23a813c8f7f5234314168822c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHjLQpWMZRt2esDGtS%2BoZaKUV6dbLfPucQlZ%2B75KTIN4OIxyOupnyoaTTg23srIBrTJemP1%2BHLvV3ewu2KlR%2FpykOBQSH1qQnBaDrCSgGq3PfazNDvKXrEsqjZUPmPVrUbGYaOeX2ON6"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, private
cf-ray
76e3b25f3d7cdadd-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
girls_2.png
ameliadreams.com/ameliadreams_com/img/
269 KB
270 KB
Image
General
Full URL
https://ameliadreams.com/ameliadreams_com/img/girls_2.png
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb970e569b4778009455be4a931b2c66162991d5903cd2798e7d07446479ac3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
cf-cache-status
HIT
last-modified
Wed, 09 Nov 2022 05:14:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2164
etag
"636b372d-433f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFfo%2FTOHF7vdowwDqnxU22OBXYrAE6RFrL29UepxKpRZBA0fmK3MfM6xTJCEpqAC%2BYcHOeTmwAuaLbVZFbXqAUkbQsz8WyYRO0mz2pU9gn5p4q%2BqyxWlxx%2BHFOGwoOCkPljBHz9tKLehRwg0yKKd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76e3b2604d270a1a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
275444
pusher_mk2c.js
ameliadreams.com/
3 KB
2 KB
Script
General
Full URL
https://ameliadreams.com/pusher_mk2c.js
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3780240c03de6cec689901ffffe2eba7a73a965c3a24e5ab765712590fd1e076

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Nov 2022 05:14:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2164
etag
W/"636b372f-dcb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwBPNSSxoBmbkp44AMaOcx9NGlG9RHCQ%2FsD0iE6wxspVEFzk6UJFtzrGNIto%2ByOkOzyphmZh2mUC04%2BOV0c5UW69turDfhjWyFQ3kbqLrDVjaw28%2BeKNmrVaozsjQlYJyFtbwYN9fcBWwzCq4U3S"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
76e3b2601ce70a1a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-3.3.1.min.js
ameliadreams.com/bk/js/
85 KB
31 KB
Script
General
Full URL
https://ameliadreams.com/bk/js/jquery-3.3.1.min.js
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Nov 2022 05:14:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2164
etag
W/"636b372c-1538e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sao46mTCrb2QKojbMd6AU9GMtDc%2FJIqyYG8eRA8JgXud01Yctb4sSVTkoEKVamm1%2FKqmBnTsk7yO%2B3ddwoK3qeJCSCQ2RGRs4J1l9Dbbj%2FoCLQEwGZocaFDx8mL97%2FG5oGexZDKILh0Ya29vMjzX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
76e3b2603d0d0a1a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://ameliadreams.com/
Origin
https://ameliadreams.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
597331
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6451
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmhcsYBO3ayZ7RjtWmFXXj4OGA8BghSp0OPHcQxEbtpIs5keDDfk6%2FWt4eg%2B3Z8cUZT4jyB9P%2Be14pzDnjVVbwxfKSKshZrm4VASKtlkvvyE8TePOU5sSqBgEL2afJafxfl9oH4zA8%2BjaD0IL7Ii8M1V"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76e3b260cc2202e8-MIA
expires
Sun, 12 Nov 2023 18:23:31 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/
50 KB
15 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ameliadreams.com/
Origin
https://ameliadreams.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
845
age
3113013
cdn-cachedat
07/13/2022 17:30:46
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"67176c242e1bdc20603c878dee836df3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
0383ea47decca8a919138cfa5dbf3105
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
76e3b2608db80306-MIA
cdn-requestpullsuccess
True
common.js
ameliadreams.com/ameliadreams_com/js/
44 KB
12 KB
Script
General
Full URL
https://ameliadreams.com/ameliadreams_com/js/common.js
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8236025950335b7d3ed28d18d6ae593907e21f5e1d42def64a7d584fca295822

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Nov 2022 05:14:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2164
etag
W/"636b372e-b168"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSDLuJPuTG1vR6zkcRwZKpadH9wF3Zq%2BNWvNOSeKVJjaFK3Y2VXghLrsXCv%2BKUNBhMKLWAs18q%2F8%2FV7WWZokX8C2%2FpoHvsjN7Ku89lIvPYpIM3e6XPbb7JO7KJ4bBKejfFQ%2FcS%2Fc1mnhOUI0boXa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
76e3b2604d230a1a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ui-tools.js
ameliadreams.com/bk/js/
9 KB
4 KB
Script
General
Full URL
https://ameliadreams.com/bk/js/ui-tools.js
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e494909ea24d8abae3e69daf5d234db9c07110693b83497824411f390572f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Nov 2022 05:14:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2164
etag
W/"636b372c-23a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTh7j5q%2BxfDqYkHLe0wXBdxZlB22DfXyzSiESFaevgEqhN%2BVQWiZ0uovSmuVnarSpUHgvjfWnj7Obn0a8E3TzXzaPn9Lt6iEz%2FdOWCLPRCdneiX9z9fmKrLxLI1N0jlWpZgAPfjVR6RRGhgVJf%2FR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
76e3b2604d240a1a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
landing2-general.js
ameliadreams.com/bk/js/
2 KB
2 KB
Script
General
Full URL
https://ameliadreams.com/bk/js/landing2-general.js
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caaa0d8e986fbac24117c952e78e2911906404e197f08f82f2fb7566103a3a0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Nov 2022 05:14:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2164
etag
W/"636b372d-9ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4hm2RfM%2B1289zq50Uq1Og9kWXjFWzsJStKMoJxZ%2B4mq4yAHFOrgR8%2F%2BvYs205TKWczSF%2F9voGeyQd8uWZltvDcgW6LqP0RiOTaLzC%2Fn3%2F1DKisZCjU%2FnunWJK7fklwx5jsaG4rMNhZmupAR7hsP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
76e3b2604d260a1a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tag_gen.js
a.exoclick.com/
1 KB
953 B
Script
General
Full URL
https://a.exoclick.com/tag_gen.js
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
3f89c138ce1226da6cf58792344304839adeea6fc1fad2ba4ff9fc137abb70a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 18:23:32 GMT
Content-Encoding
gzip
Server
nginx
etag
W/"a56c0470b9aa925085e51a6271a"
X-HW
1669141411.dop064.mi1.t,1669141412.cds216.mi1.shn,1669141412.dop064.mi1.t,1669141412.cds233.mi1.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
515
tag.js
mc.yandex.ru/metrika/
209 KB
72 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ba77c35106fd4575a7fa3a09aadd3b81b8af4059e9a9bd2ac903552ca52401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Mon, 21 Nov 2022 11:31:51 GMT
etag
"637b3777-11e96"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73366
expires
Tue, 22 Nov 2022 19:23:32 GMT
header_bg-top_414.svg
ameliadreams.com/ameliadreams_com/img/bg/
1 KB
1 KB
Image
General
Full URL
https://ameliadreams.com/ameliadreams_com/img/bg/header_bg-top_414.svg
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/ameliadreams_com/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee37f82814fabb514179cb03a04df494d8791d4ab44fa0332bf3e0853730fbcf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/ameliadreams_com/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Nov 2022 05:14:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
582
etag
W/"636b372c-593"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6TALZzOZcDWqsyDUQ7g1Eb7meo%2FmO1VEDIB%2Brql%2BR3UFSln6IIqG4VQwFyQtWsfHR3ikwigY39LYnfMVBRzoEyWkuF1tT5f16Gb9RX2FQG4uAu9rYMplqo4IDDskSJRVtMERKKDMGJH4ttrTTNf"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
76e3b2605d320a1a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
AvenirNextCyr-Light.woff
ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/
45 KB
45 KB
Font
General
Full URL
https://ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/AvenirNextCyr-Light.woff
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/ameliadreams_com/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44efd89690d4d6fe1bd29f6568cdcd0b44fb51ddc70338e0b7057da6ff00689c

Request headers

Referer
https://ameliadreams.com/ameliadreams_com/css/main.css
Origin
https://ameliadreams.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Nov 2022 05:14:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3135
etag
W/"636b372d-b21c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oqHuV%2BApnlQSlth%2Bt548hOb4GX2oGDbyw6jj8aFZmf4eK3hOVBmg5yb770dyOuu8gytk0OmNHt2W8nOyLdK8nPAuusQEoXlOUDdzkZxmlykpZeQj2WwTC%2FrJAlIpxpuAF8%2B8d4CjTe5Kk48dfa8"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
76e3b2605d350a1a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
AvenirNextCyr-Demi.woff
ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/
39 KB
40 KB
Font
General
Full URL
https://ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/AvenirNextCyr-Demi.woff
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/ameliadreams_com/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e73419dd79caad8096c4322975710d6619df2f0299dc8f727790cf6df78e8483

Request headers

Referer
https://ameliadreams.com/ameliadreams_com/css/main.css
Origin
https://ameliadreams.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Nov 2022 05:14:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3135
etag
W/"636b372c-9c84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wR%2FxJ48dz4Caid7z9WYXznHrhNboc3SNEOzjHTZVUX7yDSrFWc4DoTs58HUXvciv4fGUNieCWeGy%2FDVMPHGRslLr01wwWHM7TssasZqFqUziOi5%2Fxebc7sIjAQYaBXHWXmxKm2%2FOBuQKRFn7nxOA"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
76e3b2605d360a1a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
AvenirNextCyr-Regular.woff
ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/
39 KB
40 KB
Font
General
Full URL
https://ameliadreams.com/ameliadreams_com/fonts/AvenirNextCyr/AvenirNextCyr-Regular.woff
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/ameliadreams_com/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:34c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d138c2ea5b228e5262212c66815d06d103de70734a33da9d4c4c316b9822d119

Request headers

Referer
https://ameliadreams.com/ameliadreams_com/css/main.css
Origin
https://ameliadreams.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Nov 2022 05:14:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3109
etag
W/"636b372e-9dcc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qJpC9Q0ISw81hucxyZsh8KqQdbyN%2FrMvi14QksHxcQdgTBs2xCL2kSdu%2B%2BbynIhOXwz5BYtYYnQPpOeVf8PGrCIooa46NVj4f61IWRl2scWSB%2FwrrIa07pGNGcNh%2F9qfsL4rURvmrDQsZZKCAdb"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
76e3b2605d380a1a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
www.instagram.com/accounts/login/
0
0
Image
General
Full URL
https://www.instagram.com/accounts/login/?next=%2Ffavicon.ico
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f212:1e4:face:b00c:0:4420 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=de&service=youtube
  • https://accounts.google.com/v3/signin/identifier?dsh=S-50062685%3A1669141412407374&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=de&passive=true&service=youtube&uilel=3&flowName=GlifWebSig...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-50062685%3A1669141412407374&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=de&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsu4vehj9kJ7IfyMa-RFyNuFIjlcPT1X96Yd-y3vQSPpk20AAb0dPP5XWn2V7L8WAszCIjegg
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H3
Server
2607:f8b0:4006:816::200d -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

date
Tue, 22 Nov 2022 18:23:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-5wpcqHv653YqkE_BoQFWFw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
394
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-50062685%3A1669141412407374&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=de&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsu4vehj9kJ7IfyMa-RFyNuFIjlcPT1X96Yd-y3vQSPpk20AAb0dPP5XWn2V7L8WAszCIjegg
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
tag.php
syndication.exdynsrv.com/
0
249 B
Image
General
Full URL
https://syndication.exdynsrv.com/tag.php?goal=9aeecb98d05a87753a2934f2424e8ac2
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.41 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 18:23:32 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Robots-Tag
noindex, follow
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tag.php
syndication.exoclick.com/
0
249 B
Image
General
Full URL
https://syndication.exoclick.com/tag.php?goal=9aeecb98d05a87753a2934f2424e8ac2
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.40 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 18:23:32 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Robots-Tag
noindex, follow
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tag.php
s.opoxv.com/
0
249 B
Image
General
Full URL
https://s.opoxv.com/tag.php?goal=9aeecb98d05a87753a2934f2424e8ac2
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.76 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 18:23:32 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Robots-Tag
noindex, follow
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tag.php
syndication.realsrv.com/
0
249 B
Image
General
Full URL
https://syndication.realsrv.com/tag.php?goal=9aeecb98d05a87753a2934f2424e8ac2
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.41 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 18:23:32 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Robots-Tag
noindex, follow
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
sync_cookie_image_start
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9830.mPpBxgxRaE73Ws_l1iKZrlFjZB_nNKq75UGzFTlvYhnMssHXyal49gk0yTyUHLiQ.dV8ELhUkiFA1xeNd2FQviyRglN4%2C
0
0

advert.gif
mc.yandex.com/metrika/
43 B
160 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ameliadreams.com
URL: https://ameliadreams.com/landing2?s1=ad_wc1&s2=637d13a0a1618100018ef794&s3=59&s4=&s5=&lbcid=b15feaa1-4902-401c-8eb5-121c929d5c95-6-1122&lb=1&oid=59282&ph=8d6675742a47bff9dedbeab22fcba479&vd=eyJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ameliadreams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:23:33 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 21 Nov 2022 11:31:51 GMT
etag
"637b3777-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 22 Nov 2022 19:23:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.ru
URL
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9830.mPpBxgxRaE73Ws_l1iKZrlFjZB_nNKq75UGzFTlvYhnMssHXyal49gk0yTyUHLiQ.dV8ELhUkiFA1xeNd2FQviyRglN4%2C

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| svntrk function| ym object| yaParams function| $ function| jQuery function| Popper object| bootstrap string| domainId function| fpDataCallback function| fpErrorCallback

10 Cookies

Domain/Path Name / Value
your.whaleclick.info/ Name: afclick
Value: 637d13a0a1618100018ef794
your.whaleclick.info/ Name: afoffers
Value: {"117":1669141408}
logicdate.com/ Name: sclick_uid
Value: d33aacd9-6ca6-4b60-bbfd-8ac73b95327a-6-1122
logicdate.com/ Name: SRVNAME
Value: s6
ameliadreams.com/ Name: cid
Value: eyJpdiI6IjdwWFZZMzJhUXpXRkVEUk01TzdLWWc9PSIsInZhbHVlIjoiVVwvTktJbnBYNmw3aTFaQXNabXp4aXZcL3RaS0R4eXlhNyt0SlFqb1NjTHFMTWYydzhZSW9vdTZ1Ym9rR2xzWUxCIiwibWFjIjoiNGNiYTk3MmRkNDJhYjNlYjAzZTU5NDk0YzI4YTZkOGQ4YjI4MmU4YTQ3NDg4NDViOGNjNWJmZDRkYTYyM2QxOCJ9
ameliadreams.com/ Name: pubid
Value: eyJpdiI6Ijc4SkdZOU40bE5mUGhnN1hHS3hmMnc9PSIsInZhbHVlIjoiakF6NVhGXC9NOVd4YVhUa2piVU1xalE9PSIsIm1hYyI6IjUwMDdiMWM2YzdkZGVlN2FjODczYmIwMGRlYzFkN2ZiNjA0N2JmZWI2MzllMjVlZTgwMjNiZWZiZjRjYjNlMGMifQ%3D%3D
ameliadreams.com/ Name: subid
Value: eyJpdiI6ImgyU0huQW1jdEpJcFwvWmdJbVdIWlpnPT0iLCJ2YWx1ZSI6IkFxTWNWa2habHlURUplT2MzNXFzY3c9PSIsIm1hYyI6ImEyOGUyYWNjMzM5MTEzNTdlZWMzNTM4NGI4MjIxMzRmMjIzYzZmNmQ0ZjQ0MThiMjhmM2RkMjNkNjE2ZDE4ZDYifQ%3D%3D
ameliadreams.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkRYb0J4MmNGcll2d3JxSEdhU0FadFE9PSIsInZhbHVlIjoiXC9iNUFrVkp1cUZ2UldMVzJCR1JpdEN1R05UelJQUjhmQms2RHg4TU1XUXh4cU9HYmFYdWxieDRoUlVLdDRVbWlwcUdGNG4rRUFMdHEweDhvRkdrVWVBPT0iLCJtYWMiOiJjOTdmOGE2MDk4ZWYzNWExYzYyZjhmNjQ4YzVkYTc3OTRlMWI2YWFlZDJjZWUzNTg5MGJmNWI0MTE4NTM3MDU5In0%3D
ameliadreams.com/ Name: laravel_session
Value: eyJpdiI6IlJNbEJSMWVIbTZHMjhUbXRiZVJTNWc9PSIsInZhbHVlIjoiWm9UNURlYlVqYmMwK1NhWUZSMXY4MitaRG1uc0tOd29UTllHRHY5R0J4TkdyYU1JYTN2dVhQSEl0YnFRZE1jcnFcL3RMKzFKYWlreDU3c2lOdWErTWtRPT0iLCJtYWMiOiI4MjExYmM2YjllNjMzYmY5ZDdjODkyZDhjZGQ1NTc1YTFhZmMzMjY1NzJhMGZkZmVjOWMyMDA5ZGQ3NTA4MWE1In0%3D
svntrk.com/ Name: scktrk
Value: 637d13a3c0e26-7-1122

1 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-50062685%3A1669141412407374&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=de&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAsu4vehj9kJ7IfyMa-RFyNuFIjlcPT1X96Yd-y3vQSPpk20AAb0dPP5XWn2V7L8WAszCIjegg
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exoclick.com
accounts.google.com
ameliadreams.com
cdnjs.cloudflare.com
fastlove.us
logicdate.com
mc.yandex.com
mc.yandex.ru
s.opoxv.com
stackpath.bootstrapcdn.com
svntrk.com
syndication.exdynsrv.com
syndication.exoclick.com
syndication.realsrv.com
www.facebook.com
www.instagram.com
your.whaleclick.info
mc.yandex.ru
2001:4de0:ac19::1:b:1a
2606:4700:3030::ac43:c56e
2606:4700:3037::6815:20c5
2606:4700:3037::6815:34c4
2606:4700:3037::6815:885
2606:4700:3037::ac43:a3c5
2606:4700::6811:180e
2606:4700::6812:bcf
2607:f8b0:4006:816::200d
2a02:6b8::1:119
2a03:2880:f112:182:face:b00c:0:25de
2a03:2880:f212:1e4:face:b00c:0:4420
68.169.106.40
68.169.106.41
68.169.106.76
2aca63d7a1ce75b3b6ccaafb05ad3e94cd2f95243efbadeb24cb14df44c2c5bb
3780240c03de6cec689901ffffe2eba7a73a965c3a24e5ab765712590fd1e076
3f89c138ce1226da6cf58792344304839adeea6fc1fad2ba4ff9fc137abb70a0
44efd89690d4d6fe1bd29f6568cdcd0b44fb51ddc70338e0b7057da6ff00689c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cb970e569b4778009455be4a931b2c66162991d5903cd2798e7d07446479ac3
81e494909ea24d8abae3e69daf5d234db9c07110693b83497824411f390572f8
8236025950335b7d3ed28d18d6ae593907e21f5e1d42def64a7d584fca295822
9236f102893c433a363d586cc7cfa272f423d1d51c5b541c1cfc6d5b80a4ff63
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
b5d71d8bd00501171d05296c340b73906fc5eab23a813c8f7f5234314168822c
caaa0d8e986fbac24117c952e78e2911906404e197f08f82f2fb7566103a3a0d
d138c2ea5b228e5262212c66815d06d103de70734a33da9d4c4c316b9822d119
d2ba77c35106fd4575a7fa3a09aadd3b81b8af4059e9a9bd2ac903552ca52401
d614bf22f7e26f44a77e5fa70579302b4b19d0e2ed58897ce5ff59beaf7ff656
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73419dd79caad8096c4322975710d6619df2f0299dc8f727790cf6df78e8483
ee37f82814fabb514179cb03a04df494d8791d4ab44fa0332bf3e0853730fbcf
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fb9871c26f5ad38a07c98061aa53cdffc7fb63b694b7ee93f1de100315cb8b99