secreto.site Open in urlscan Pro
104.21.70.131 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secreto.site/es/22703391
Submission: On October 21 via manual (October 21st 2021, 2:58:48 am UTC) from MX — Scanned from DE

Summary HTTP 52 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 52 HTTP transactions. The main IP is 104.21.70.131, located in United States and belongs to CLOUDFLARENET, US. The main domain is secreto.site.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.

This is the only time secreto.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	104.21.70.131 104.21.70.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.122.175 104.16.122.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.26.14.31 104.26.14.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	64.233.166.154 64.233.166.154	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
1	78.46.198.121 78.46.198.121	24940 (HETZNER-AS) (HETZNER-AS)
5	172.217.16.129 172.217.16.129	15169 (GOOGLE) (GOOGLE)
3	172.217.23.97 172.217.23.97	15169 (GOOGLE) (GOOGLE)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
52	17

6 104.21.70.131 (United States)

ASN13335 (CLOUDFLARENET, US)

secreto.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.122.175 (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.18.94 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.26.14.31 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

e57c6ba014d33751d64f7df3b911d90a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.198.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.198.46.78.clients.your-server.de

friend20.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.196 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cleverpush.com static.cleverpush.com	98 KB
8	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	185 KB
6	googlesyndication.com e57c6ba014d33751d64f7df3b911d90a.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	36 KB
6	secreto.site secreto.site	24 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	addthis.com s7.addthis.com m.addthis.com	217 KB
2	google.com 1 redirects adservice.google.com www.google.com	790 B
2	google-analytics.com www.google-analytics.com	20 KB
2	cloudflare.com cdnjs.cloudflare.com	13 KB
1	mycleverpush.com friend20.mycleverpush.com	18 KB
1	google.de adservice.google.de	853 B
1	addthisedge.com v1.addthisedge.com	2 KB
1	moatads.com z.moatads.com	1 KB
1	unpkg.com unpkg.com	2 KB
52	14

	Domain	Requested by
9	static.cleverpush.com	secreto.site static.cleverpush.com friend20.mycleverpush.com
6	securepubads.g.doubleclick.net	secreto.site securepubads.g.doubleclick.net
6	secreto.site	secreto.site
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	s7.addthis.com	secreto.site s7.addthis.com
3	tpc.googlesyndication.com	secreto.site securepubads.g.doubleclick.net
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	secreto.site www.google-analytics.com
2	cdnjs.cloudflare.com	secreto.site
1	googleads.g.doubleclick.net	secreto.site
1	www.google.com	1 redirects
1	friend20.mycleverpush.com	static.cleverpush.com
1	e57c6ba014d33751d64f7df3b911d90a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	unpkg.com	secreto.site
52	20

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-11` - `2022-08-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-04` - `2022-06-04`	2 years	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://secreto.site/es/22703391
Frame ID: 22437A7CE7660C1129CE9103B0C9DB63
Requests: 45 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: AB5783B1FD5309CCE1DBC6792C76DB84
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C64FEF29C9C7BC786B1EE67DCF85E3EA
Requests: 1 HTTP requests in this frame

Frame: https://e57c6ba014d33751d64f7df3b911d90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C3FBA43A55CECC4828EEB2BA4E205062
Requests: 1 HTTP requests in this frame

Frame: https://friend20.mycleverpush.com/iframe?origin=https%3A%2F%2Fsecreto.site
Frame ID: BFB8949EEC6004A1DBF87EBEC64A459C
Requests: 4 HTTP requests in this frame

Frame: https://e57c6ba014d33751d64f7df3b911d90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7C385B3E2FFB75B9F1DEB85FF5391995
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

AddThis (Widgets) Expand

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Zepto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

zepto.*\.js

Page Statistics

52
Requests

94 %
HTTPS

0 %
IPv6

14
Domains

20
Subdomains

17
IPs

4
Countries

719 kB
Transfer

2226 kB
Size

15
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=C-DDAZNdwYaiZDY-ngQeii5PYDcHI9elkvKGbhNEBi97InNclEAEguoTAM2CV4pCCoAegAfzI4NIDyAEDqQLQGflUJASFPuACAKgDAcgDCKoE3wFP0EHttYZKNiS2XhytwqcgJ6VmRdzp7_egJmkBq6TIRW_sSacle4sG9mwSNDkCI_k3AfqvFceBKDkkz1ff5eeTY1RM6ITJqD5Z5cMyn-U5e3iKulN1beB629_JpLBRYpIvzSCiO_sQ7Ixbx1xiy5gQpsfw6qn2fir_uBKPFHp_k-JBqmxQRcQ3VvAZxwaZDL3lS4Gc0gubtkXr6hw1MXvIEIebmSRIcITmYLbCMRMQqMSbgy5vRCPJjJJl0Doa--MUtUrlHbmQCKDRELyEoOrU4CtmpZsvV6njtDT1jgPGwAS00bGmQ-AEAaAGA4AH7LafLagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB0ggJCIjhgHAQARgd8ggbYWR4LXN1YnN5bi01ODAyODk0MDQ0Njc1MDMwsQkAnQ-t2l4MHoAKA5gLAcgLAbgMAdgTA9AVAZgWAYAXAQ&ae=1&num=1&cid=CAASPeRokY4ukFXu_uxhj1rVGfJazMEA-hN8nFSD8HSKKHifFP1LdcExei171oQJFjjDLV2eBDRLFvM6A0L2c7o&sig=AOD64_3vSPp1_Cl3aTAJGAl0ghwwQ0C9sA&client=ca-pub-8933329999391104&nx=CLICK_X&ny=CLICK_Y&nb=2&adurl=http://www.kiesdirekt.de%3Fgclid%3DEAIaIQobChMIqNvzlMHa8wIVj1PgCh2ixQTbEAEYASAAEgKONvD_BwE

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?reasons=AB3afGEAAAULW1tbW3RydWUsWzksMjFdXSxbbnVsbCwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ludGVyYWN0aW9uLz9haT1DLUREQVpOZHdZYWlaRFktbmdRZWlpNVBZRGNISTllbGt2S0diaE5FQmk5N0luTmNsRUFFZ3VvVEFNMkNWNHBDQ29BZWdBZnpJNE5JRHlBRURxUUxRR2ZsVUpBU0ZQdUFDQUtnREFjZ0RDS29FM3dGUDBFSHR0WVpLTmlTMlhoeXR3cWNnSjZWbVJkenA3X2VnSm1rQnE2VElSV19zU2FjbGU0c0c5bXdTTkRrQ0lfazNBZnF2RmNlQktEa2t6MWZmNWVlVFkxUk02SVRKcUQ1WjVjTXluLVU1ZTNpS3VsTjFiZUI2MjlfSnBMQlJZcEl2elNDaU9fc1E3SXhieDF4aXk1Z1Fwc2Z3NnFuMmZpcl91QktQRkhwX2stSkJxbXhRUmNRM1Z2QVp4d2FaREwzbFM0R2MwZ3VidGtYcjZodzFNWHZJRUllYm1TUkljSVRtWUxiQ01STVFxTVNiZ3k1dlJDUEpqSkpsMERvYS0tTVV0VXJsSGJtUUNLRFJFTHlFb09yVTRDdG1wWnN2VjZuanREVDFqZ1BHd0FTMDBiR21RLUFFQWFBR0E0QUg3TGFmTGFnSDhOa2JxQWZ5MlJ1b0I0N09HNmdIazlnYnFBZTZCcWdIN3BheEFxZ0gxY2ticUFlbXZodW9CX1BSRzZnSGx0Z2JxQWVxbTdFQ3FBZmZuN0VDMkFjQjBnZ0pDSWpoZ0hBUUFSZ2Q4Z2diWVdSNExYTjFZbk41YmkwMU9EQXlPRGswTURRME5qYzFNRE13c1FrQW5RLXQybDRNSG9BS0E1Z0xBY2dMQWJnTUFkZ1RBOUFWQVpnV0FZQVhBUVx1MDAyNnNpZ2g9VGxkclh3bnJ6TGdcdTAwMjZjaWQ9Q0FRU1BnQ05JckxNemN6TEU0SGctV284LUREVkVyd2U2VVAxQXhhbzZVVVRBdk56T0ZVT0hTa3FVZ1dQTGpCNXZqOTVqRHFSTlZXVVF2Zl9kZUtYU2QzOCIsW251bGwsbnVsbCxudWxsLCJodHRwczovL2Rpc3BsYXlhZHMtZm9ybWF0cy5nb29nbGV1c2VyY29udGVudC5jb20vYWRzL3ByZXZpZXcvY29udGVudC5qcz9jbGllbnQ9d3RhXHUwMDI2b2JmdXNjYXRlZEN1c3RvbWVySWQ9NjUwMTY5OTYzNlx1MDAyNmNyZWF0aXZlSWQ9NTYxMzQ1NDQ0MDRcdTAwMjZ2ZXJzaW9uSWQ9MFx1MDAyNmFkR3JvdXBDcmVhdGl2ZUlkPTU2MTExODQ1NTY0XHUwMDI2aHRtbFBhcmVudElkPXByZXYtMFx1MDAyNmhlaWdodD0yODBcdTAwMjZ3aWR0aD0zMzZcdTAwMjZzaWc9QUNpVkJfek5XNkR6SG9ybEE5SnNMOGVPUmVUbW96aGtMQSJdLG51bGwsbnVsbCwxLCIwNnZPWEM5bHJpRUl2S0diaE5FQkVLekw5R3dZMU5mcUxTSVJkM2QzTG10cFpYTmthWEpsYTNRdVpHVkNGMk5oTFhCMVlpMDRPVE16TXpJNU9UazVNemt4TVRBMFNBVllBM0FCcUFFQiIsIjIyODQwMjYwNCJdXV0sWzEsMSwxLDFdXQj8LNRNF0R3kEUwJRtwh8tGoU7wv2LqIAg-0Se-p3lSozLr5YZGk4gxyJfwx32jcdvw33UJjpQCY-plpLharPKvz5Q3A3DUb2gP2fsLQFRT7Y7ZE2V-F__uhuXpFOaJwsAClOu2f5MRZyk6Kad-fnswOOnTiulLWpgnoZuo6lqHWZXrBKyb9YJQsDlG-W9rvQcvqYQkXYy6KDeq5uUL9XAdFiWtmzrpWr9XJ5QEIh7l5QsPHshkfbGkp51mbXQGAY14iEEG0k7xZM3ZFno42lfDJmNzOcYJdx7jjTKe2Lsh_PZbtKeQKhLjQNBP_p3wWdQGF3oQ49AMoxL8eYtwzY0,6UqpaJMaOi1ZjaHJ4xTVLQ&source=display

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 22703391 Show response
secreto.site/es/ 36 KB
9 KB 90ms
46ms Document
text/html 104.21.70.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secreto.site/es/22703391
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.70.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e17c8c4033c054473783621c0e62cf99fb8f8b6f0d19e950ecce35b6b35a2fa

Request headers

:method: GET
:authority: secreto.site
:scheme: https
:path: /es/22703391
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 21 Oct 2021 02:58:43 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjRuWkl0aXRKanY2R3NzMDhZQVwvSmxRPT0iLCJ2YWx1ZSI6Ink1alRGeUdqZlJ1UlhWQTB0YnFsc1MwemlhZGhTS1M1SXMrdjkraU5rKytSajNrRGNuTHZaWStOcTgyWlowWVUiLCJtYWMiOiJiMGRhZmEwM2YwZjgzYTgyMWZkOWI2YjY2MDE2Y2VkNzcxNzgzNTBhNDZmYjA1NDI3ZGU5ZTIzZTA0YjA5NmNjIn0%3D; expires=Thu, 21-Oct-2021 04:56:13 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IlFuV0U0S3AwYTJyeGRyRVpySXJ1TWc9PSIsInZhbHVlIjoiNEdsR1pNRnhMTlVHZVpxd0pnMnlIRUlvN2JoK20yMUs1ZmpaVDlWbEpBTzJNUWQ4ckdPUWRCODgyMEx2aVdrciIsIm1hYyI6IjJhOTdlOGY3ZjI1ZTMyZTQ4NGEwMWNmN2Y4NDliNTRhODlhMDRlYTg5M2E3MjVlMDgwMzQ4MzRhODllNThjMTQifQ%3D%3D; expires=Thu, 21-Oct-2021 04:56:13 GMT; Max-Age=7200; path=/; httponly __cf_bm=7i6SBDn8bln1rVYJr63TAXqVL42sZWJZCSqiLgZSnM8-1634785123-0-ATtNytbs3S+fBc61+AEI4FArQYsCsZ0Kui7UrALrDT3/xd32ZHE/3DlBt4a81d4lDjw2axzA06lqGrDkC+NTQn0=; path=/; expires=Thu, 21-Oct-21 03:28:43 GMT; domain=.secreto.site; HttpOnly; Secure; SameSite=None
x-cache-status: HIT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Xh2gG1iEDMkXhs35B2RqswbzZmM1wwvbtqRK7%2B4GFwP%2FKYrXo8Tbyv4woMlGYE%2FtToWPDDsQ4MAFVvmUtpqM29yri4bnXrDH1MwncxtEUAQW%2Fb%2Fy0avGZRDQdoo41U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a1739cf98343b8b-CDG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 pure.min.css
secreto.site/css/ 16 KB
4 KB 22ms
21ms Stylesheet
text/css 104.21.70.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secreto.site/css/pure.min.css
Requested by: Host: secreto.site
URL: https://secreto.site/es/22703391
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.70.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3435a0ca220029c92376530494d937451681a722a3c5b4932f7375df597d6e00

Request headers

:path: /css/pure.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjRuWkl0aXRKanY2R3NzMDhZQVwvSmxRPT0iLCJ2YWx1ZSI6Ink1alRGeUdqZlJ1UlhWQTB0YnFsc1MwemlhZGhTS1M1SXMrdjkraU5rKytSajNrRGNuTHZaWStOcTgyWlowWVUiLCJtYWMiOiJiMGRhZmEwM2YwZjgzYTgyMWZkOWI2YjY2MDE2Y2VkNzcxNzgzNTBhNDZmYjA1NDI3ZGU5ZTIzZTA0YjA5NmNjIn0%3D; laravel_session=eyJpdiI6IlFuV0U0S3AwYTJyeGRyRVpySXJ1TWc9PSIsInZhbHVlIjoiNEdsR1pNRnhMTlVHZVpxd0pnMnlIRUlvN2JoK20yMUs1ZmpaVDlWbEpBTzJNUWQ4ckdPUWRCODgyMEx2aVdrciIsIm1hYyI6IjJhOTdlOGY3ZjI1ZTMyZTQ4NGEwMWNmN2Y4NDliNTRhODlhMDRlYTg5M2E3MjVlMDgwMzQ4MzRhODllNThjMTQifQ%3D%3D; __cf_bm=7i6SBDn8bln1rVYJr63TAXqVL42sZWJZCSqiLgZSnM8-1634785123-0-ATtNytbs3S+fBc61+AEI4FArQYsCsZ0Kui7UrALrDT3/xd32ZHE/3DlBt4a81d4lDjw2axzA06lqGrDkC+NTQn0=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: secreto.site
referer: https://secreto.site/es/22703391
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/es/22703391
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11374669
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 09 May 2018 18:07:42 GMT
server: cloudflare
etag: W/"5af338ee-3f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7oMp27eBbYP%2FjSy%2BpdYXLD1oJNI9u0yjiNjeyK07bNtma1%2BpIubv5QkF07NdrHWmxm4SaVSOix6pzaWfsQ1FYpX9JmjGCo%2BISg3%2BS3AS%2B2uYg19f3BZ%2FUVZG0lOxOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6a1739d0088f3b8b-CDG
expires: Sun, 05 Jun 2022 06:17:33 GMT

GET
H2 200 marketing.css
secreto.site/css/ 7 KB
3 KB 23ms
23ms Stylesheet
text/css 104.21.70.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secreto.site/css/marketing.css?b=1
Requested by: Host: secreto.site
URL: https://secreto.site/es/22703391
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.70.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0f9f3d3423cee250e1f640c9153a60cdf130d9f7d5ee8ab50c1a5ba4318aa7

Request headers

:path: /css/marketing.css?b=1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjRuWkl0aXRKanY2R3NzMDhZQVwvSmxRPT0iLCJ2YWx1ZSI6Ink1alRGeUdqZlJ1UlhWQTB0YnFsc1MwemlhZGhTS1M1SXMrdjkraU5rKytSajNrRGNuTHZaWStOcTgyWlowWVUiLCJtYWMiOiJiMGRhZmEwM2YwZjgzYTgyMWZkOWI2YjY2MDE2Y2VkNzcxNzgzNTBhNDZmYjA1NDI3ZGU5ZTIzZTA0YjA5NmNjIn0%3D; laravel_session=eyJpdiI6IlFuV0U0S3AwYTJyeGRyRVpySXJ1TWc9PSIsInZhbHVlIjoiNEdsR1pNRnhMTlVHZVpxd0pnMnlIRUlvN2JoK20yMUs1ZmpaVDlWbEpBTzJNUWQ4ckdPUWRCODgyMEx2aVdrciIsIm1hYyI6IjJhOTdlOGY3ZjI1ZTMyZTQ4NGEwMWNmN2Y4NDliNTRhODlhMDRlYTg5M2E3MjVlMDgwMzQ4MzRhODllNThjMTQifQ%3D%3D; __cf_bm=7i6SBDn8bln1rVYJr63TAXqVL42sZWJZCSqiLgZSnM8-1634785123-0-ATtNytbs3S+fBc61+AEI4FArQYsCsZ0Kui7UrALrDT3/xd32ZHE/3DlBt4a81d4lDjw2axzA06lqGrDkC+NTQn0=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: secreto.site
referer: https://secreto.site/es/22703391
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/es/22703391
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10264651
cf-polished: origSize=9864
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 24 Jun 2021 07:37:24 GMT
server: cloudflare
etag: W/"60d43634-2688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1shxDYmD3x7a3dIfF%2FYUOzBv2%2BrLi8OB%2F5i4JhyuhXZPi81i6ocPbRq%2BYYEwcGw4r%2FgQNmeGqJf4zyz%2FUg9rom1Sq32kFPXr4Gbim7GBQVhOALTKxFFQsSf%2BaxkKZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6a1739d008903b8b-CDG
expires: Fri, 24 Jun 2022 07:37:27 GMT

GET
H2 200 grids-responsive-min.css
unpkg.com/purecss@1.0.0/build/ 8 KB
2 KB 45ms
15ms Stylesheet
text/css 104.16.122.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/purecss@1.0.0/build/grids-responsive-min.css

Requested by

Host: secreto.site
URL: https://secreto.site/es/22703391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.122.175 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a9e74bf710eef13b81f56375fc7e24c8b91050fa9ba66a75e9a3f35aece8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15648764
fly-request-id: 01F3Y0R7DW4098GJX1J09EYFXR
content-encoding: br
vary: Accept-Encoding
last-modified: Mon, 05 Jun 2017 15:02:40 GMT
server: cloudflare
etag: W/"1f60-O8+cDat7roGX29PcEKHeg9pY6j8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a1739d02f3a2175-DUS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 66ms
25ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: secreto.site
URL: https://secreto.site/es/22703391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

6ba0aad7b1ee7006567a440557f23f9c799169ece79900aee6f3172b159a1fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1020 / 394 of 1000 / last-modified: 1634767563"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27173
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Oct 2021 02:58:43 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 59ms
8ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: secreto.site
URL: https://secreto.site/es/22703391

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 21 Oct 2021 02:58:43 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H3 200 noimage.png
secreto.site/images/ 764 B
1 KB 28ms
27ms Image
image/png 104.21.70.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secreto.site/images/noimage.png
Requested by: Host: secreto.site
URL: https://secreto.site/es/22703391
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.70.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff7fe2390a8bfeb629fd6cb6e85c25aa3ff4e2951cecef9368eb0f0bbb80077c

Request headers

:path: /images/noimage.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjRuWkl0aXRKanY2R3NzMDhZQVwvSmxRPT0iLCJ2YWx1ZSI6Ink1alRGeUdqZlJ1UlhWQTB0YnFsc1MwemlhZGhTS1M1SXMrdjkraU5rKytSajNrRGNuTHZaWStOcTgyWlowWVUiLCJtYWMiOiJiMGRhZmEwM2YwZjgzYTgyMWZkOWI2YjY2MDE2Y2VkNzcxNzgzNTBhNDZmYjA1NDI3ZGU5ZTIzZTA0YjA5NmNjIn0%3D; laravel_session=eyJpdiI6IlFuV0U0S3AwYTJyeGRyRVpySXJ1TWc9PSIsInZhbHVlIjoiNEdsR1pNRnhMTlVHZVpxd0pnMnlIRUlvN2JoK20yMUs1ZmpaVDlWbEpBTzJNUWQ4ckdPUWRCODgyMEx2aVdrciIsIm1hYyI6IjJhOTdlOGY3ZjI1ZTMyZTQ4NGEwMWNmN2Y4NDliNTRhODlhMDRlYTg5M2E3MjVlMDgwMzQ4MzRhODllNThjMTQifQ%3D%3D; __cf_bm=7i6SBDn8bln1rVYJr63TAXqVL42sZWJZCSqiLgZSnM8-1634785123-0-ATtNytbs3S+fBc61+AEI4FArQYsCsZ0Kui7UrALrDT3/xd32ZHE/3DlBt4a81d4lDjw2axzA06lqGrDkC+NTQn0=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: secreto.site
referer: https://secreto.site/es/22703391
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/es/22703391
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8105966
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 764
last-modified: Wed, 09 May 2018 18:07:42 GMT
server: cloudflare
etag: "5af338ee-2fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mzDUUDCWj%2FNu%2FSRASw67CmpP9Qkg3IONcmKxkJ4fV1MrMhsq9tqWjgOSjHZHwWDB2yaeWSOeWKUFX4c0LUtMw%2Fe0HF7JmdRoO4RPLsmhuvZxE4j0hTWyMjTrV2kHm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a1739d05aaa4049-CDG
expires: Sun, 05 Jun 2022 06:17:13 GMT

GET
H2 200 zepto.min.js Show response
cdnjs.cloudflare.com/ajax/libs/zepto/1.2.0/ 26 KB
9 KB 37ms
14ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/zepto/1.2.0/zepto.min.js

Requested by

Host: secreto.site
URL: https://secreto.site/es/22703391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2361963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8798
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:18:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04043-6712"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rWrGZJA1hHlJExApyX1mDo3lVfJL40epqpYoaGYj4u4IriHxZgGnsB5LwhKH7cSYnY47KjLJdbA%2FG36852IBMXpSSNwzbBK8Zjgqo340qSN7Jyrlv6k%2Fmt0THljyiyKrSTCu1Em"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a1739d0699b2157-DUS
expires: Tue, 11 Oct 2022 02:58:43 GMT

GET
H3 200 gaevent.js Show response
secreto.site/js/ 420 B
853 B 31ms
31ms Script
application/javascript 104.21.70.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secreto.site/js/gaevent.js?b=100
Requested by: Host: secreto.site
URL: https://secreto.site/es/22703391
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.70.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b72646bdbb7fdcfe39f53ed698aa66e7e0444368b8f47a37e517c3571642df

Request headers

:path: /js/gaevent.js?b=100
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjRuWkl0aXRKanY2R3NzMDhZQVwvSmxRPT0iLCJ2YWx1ZSI6Ink1alRGeUdqZlJ1UlhWQTB0YnFsc1MwemlhZGhTS1M1SXMrdjkraU5rKytSajNrRGNuTHZaWStOcTgyWlowWVUiLCJtYWMiOiJiMGRhZmEwM2YwZjgzYTgyMWZkOWI2YjY2MDE2Y2VkNzcxNzgzNTBhNDZmYjA1NDI3ZGU5ZTIzZTA0YjA5NmNjIn0%3D; laravel_session=eyJpdiI6IlFuV0U0S3AwYTJyeGRyRVpySXJ1TWc9PSIsInZhbHVlIjoiNEdsR1pNRnhMTlVHZVpxd0pnMnlIRUlvN2JoK20yMUs1ZmpaVDlWbEpBTzJNUWQ4ckdPUWRCODgyMEx2aVdrciIsIm1hYyI6IjJhOTdlOGY3ZjI1ZTMyZTQ4NGEwMWNmN2Y4NDliNTRhODlhMDRlYTg5M2E3MjVlMDgwMzQ4MzRhODllNThjMTQifQ%3D%3D; __cf_bm=7i6SBDn8bln1rVYJr63TAXqVL42sZWJZCSqiLgZSnM8-1634785123-0-ATtNytbs3S+fBc61+AEI4FArQYsCsZ0Kui7UrALrDT3/xd32ZHE/3DlBt4a81d4lDjw2axzA06lqGrDkC+NTQn0=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: secreto.site
referer: https://secreto.site/es/22703391
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/es/22703391
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3154
cf-polished: origSize=737
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 06 Apr 2019 16:28:52 GMT
server: cloudflare
etag: W/"5ca8d3c4-2e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9giUOz8Yl0jZbDuAMhfynqgFHGMKGLHudJ5OoNci05gbILvZUjmokPcTnpEB1Vcds536du%2F7FI%2FNEOrvDt3WGZP4yZYkZKL9p2lCHswfNmoqftNCr9YGHKojId%2Fbzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6a1739d05aa44049-CDG
cf-bgj: minify

GET
H2 200 SferLijT3vP2ue776.js Show response
static.cleverpush.com/channel/loader/ 164 KB
42 KB 96ms
42ms Script
application/javascript 104.26.14.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/SferLijT3vP2ue776.js
Requested by: Host: secreto.site
URL: https://secreto.site/es/22703391
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.14.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc58adbbf6f0b5bab361dfb90ef3a921a2f995023263a015c6c5d938f58bb48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6818
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XK1DMWX2G2F92RSN
x-amz-id-2: 2DQ/c1xjL6tcroLbXG4sRnn5WN9AbI7qoiywESamlvXBHvzk+KbRg2INYAfwfLCNC76CApwW3Ik=
last-modified: Thu, 21 Oct 2021 00:45:56 GMT
server: cloudflare
etag: W/"21fe7dc5d096896fb0cbef3b7ef5a586"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXk2497zCs%2BSeEtO%2By2ZDWFOsizIhJ8HMcVVOyT58Ux24FyeStYrfZNOZxu28%2F1Y%2FYdeOjcMZXoSZN8mVFTpzQeFkc79c4cPB7I%2BY3tPf7Lu7PYkcLZMss52QxsDB99bQKbpgCqyeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 6a1739d0bef16b48-AMS

GET
H3 200 script.js Show response
secreto.site/js/ 21 KB
7 KB 37ms
36ms Script
application/javascript 104.21.70.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secreto.site/js/script.js?b=3
Requested by: Host: secreto.site
URL: https://secreto.site/es/22703391
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.70.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95a58adda779abb3362b4ee324df0e96f082839b716f4b8f88e1a0afd70dd4a7

Request headers

:path: /js/script.js?b=3
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjRuWkl0aXRKanY2R3NzMDhZQVwvSmxRPT0iLCJ2YWx1ZSI6Ink1alRGeUdqZlJ1UlhWQTB0YnFsc1MwemlhZGhTS1M1SXMrdjkraU5rKytSajNrRGNuTHZaWStOcTgyWlowWVUiLCJtYWMiOiJiMGRhZmEwM2YwZjgzYTgyMWZkOWI2YjY2MDE2Y2VkNzcxNzgzNTBhNDZmYjA1NDI3ZGU5ZTIzZTA0YjA5NmNjIn0%3D; laravel_session=eyJpdiI6IlFuV0U0S3AwYTJyeGRyRVpySXJ1TWc9PSIsInZhbHVlIjoiNEdsR1pNRnhMTlVHZVpxd0pnMnlIRUlvN2JoK20yMUs1ZmpaVDlWbEpBTzJNUWQ4ckdPUWRCODgyMEx2aVdrciIsIm1hYyI6IjJhOTdlOGY3ZjI1ZTMyZTQ4NGEwMWNmN2Y4NDliNTRhODlhMDRlYTg5M2E3MjVlMDgwMzQ4MzRhODllNThjMTQifQ%3D%3D; __cf_bm=7i6SBDn8bln1rVYJr63TAXqVL42sZWJZCSqiLgZSnM8-1634785123-0-ATtNytbs3S+fBc61+AEI4FArQYsCsZ0Kui7UrALrDT3/xd32ZHE/3DlBt4a81d4lDjw2axzA06lqGrDkC+NTQn0=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: secreto.site
referer: https://secreto.site/es/22703391
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/es/22703391
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3090
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 05 Oct 2021 05:35:18 GMT
server: cloudflare
etag: W/"615be416-5324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvkjPdNzi6MmmCndQVeRbeq12idSXJW7rXIgK1Q%2BfCu4uljoxRRYh8ntnRwRvcM4fj4IIIrSmEgfsNVG6EsWzxuHk%2B8FkUWUjEslmivNnJmkLd8pflkwr4IRuGH9vSU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6a1739d05aa94049-CDG
cf-bgj: minify

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
3 KB 35ms
15ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: secreto.site
URL: https://secreto.site/es/22703391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2019322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2905
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCreiozxzrEhaT3U6qwHzFZ13UPKNUp9igZCRdToOK62z3Lfj1%2BX5hVeXrndBpfj2GoztnIfTFj45E2TXYJvkgXGipk4guwdmH4FlTaVc2Ng0xEOcRoQhLFPsJQ6Y9dLmIdHSb9o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a1739d0699c2157-DUS
expires: Tue, 11 Oct 2022 02:58:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 75ms
24ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: secreto.site
URL: https://secreto.site/es/22703391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 3457
date: Thu, 21 Oct 2021 02:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Thu, 21 Oct 2021 04:01:06 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 37ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:43 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=63138
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5854f190a71438e5/ 11 KB
2 KB 27ms
11ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5854f190a71438e5/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 79388a31748000b26190b9cda589086bc9cef44c931e2f7b343f4b4759f9c8a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: gzip
etag: 1917800516--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=6, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1442

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 154ms
132ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6170d76339451ad6&bkl=0&bl=1&pdt=112&sid=6170d76339451ad6&pub=ra-5854f190a71438e5&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=secreto.site&fp=es%2F22703391&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1634785124016&jsl=0&uvs=6170d7631dc27376000&skipb=1&callback=addthis.cbs.jsonp__155027992403561350
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b23c8effd2507c0180c4ae9a6864efac466be364bbea7d1a32e2da04cdf0ba7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 02:58:44 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame AB57 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame C64F 71 KB
26 KB 9ms
9ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secreto.site/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 21 Oct 2021 02:58:44 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3 200 pubads_impl_2021101301.js Show response
securepubads.g.doubleclick.net/gpt/ 361 KB
122 KB 49ms
28ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

266978a0c185ca652129a3cb432e9c95aa61662873aaf8466ee7fc1636bb2c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 124656
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:34:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Oct 2021 02:58:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 136 B
126 B 46ms
23ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=secreto.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

5052387a01a2ae30dc13ffc6ac0c73732da8232ea45a16d50b9b1834c1d4b63a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 101
x-xss-protection: 0
expires: Thu, 21 Oct 2021 02:58:44 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 57ms
28ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=711827830&t=pageview&_s=1&dl=https%3A%2F%2Fsecreto.site%2Fes%2F22703391&ul=en-us&de=UTF-8&dt=Compartir%20cr%C3%ADticas%20sobre%20lol%20de%20manera%20an%C3%B3nima&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2080895194&gjid=1672785515&cid=582184735.1634785124&tid=UA-114058698-1&_gid=869706112.1634785124&_r=1&_slc=1&z=230181568

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secreto.site/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 02:58:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secreto.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 8ms
8ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 21 Oct 2021 02:58:44 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 5.js Show response
static.cleverpush.com/sdk/chunk/ 26 KB
7 KB 54ms
29ms Script
application/javascript 104.26.14.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/SferLijT3vP2ue776.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.14.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85b33be84a3abd2cbd88a554bf5b1eeff6f0938dc132f7e6a10dd41f7f8e8b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1336
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: Y4JF64FC0QB2SZXC
x-amz-id-2: pDCAWlLp0hnmPSq02XBAoQ/XVk9sO2MjAjCUrXFpUopbomQHtGH9tgSME63VO2S6MYxwZOtRmOY=
last-modified: Wed, 20 Oct 2021 14:36:22 GMT
server: cloudflare
etag: W/"0728887c049e96fb2347c671a2d8ea8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnSl8lxAbF%2BC0ywPIq9IuMOg8YuKepLSkhhPc45rN3i51m5PlKmOYb1vBEkQgaL05Chv3eTkpv4cG%2B53dZJNPjlwP75VWhBHPFcfYIZbL2N8dkP313MnknvOKAlt9VjSi9Cy0wJvzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6a1739d1e9b04c38-AMS

GET
H3 200 251.js Show response
static.cleverpush.com/sdk/chunk/ 6 KB
3 KB 52ms
28ms Script
application/javascript 104.26.14.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/SferLijT3vP2ue776.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.14.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a1cbcdf5312121bc64e7d7b696da1e3322428c9ee7441a5d45aecddd59641f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1337
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 9GVXNZ1MEZQ1H7S4
x-amz-id-2: WCa1GdXin230agx7PT5FTuojx3O5z/QLY6pYxrfa88lHoMfgNQVjR4wLvggMCV/2RYfarOAPXQA=
last-modified: Wed, 20 Oct 2021 14:36:21 GMT
server: cloudflare
etag: W/"1d89b52857bfafbd43a0aaa08e05bcff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Brfw4U65zIMRxO%2BWFfJA6auCSNs5Onr2D95vPThlRnvhe44XsAesCSBJQJz0vkS4MusHuypGnd5YSzCTgNlgK%2FcotAtR434M2vM2CDiUYRpf%2FjkvdYvGNTQGpQxumExOIuru7%2BeIwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6a1739d1e9af4c38-AMS

GET
H3 200 628.js Show response
static.cleverpush.com/sdk/chunk/ 22 KB
7 KB 64ms
40ms Script
application/javascript 104.26.14.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/628.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/SferLijT3vP2ue776.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.14.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afc4b009a80528c88b4e94e54456ba91bf4fa45a12121379415008e2b1e6331d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1336
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: Y4J3VQBGHK66F4YV
x-amz-id-2: XfY7RFe6XG9Dw/RvQRwbGFzi0++3Yxgnx7zzn2IKWYDt/f4UZtsGzNqpHqCvMaMdeN6A1Z/aP3s=
last-modified: Wed, 20 Oct 2021 14:36:22 GMT
server: cloudflare
etag: W/"109a13fbd154a7a59ade106122d4146a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6MazjId8mhSfKQV%2F0cc9ygnQqq0UwjOa3rl416AuQvxyCwMZbwFpQC%2FDcN0VYPCWcn3ULYezT1qnCUFC88b5SXaUt6oyTxQZEOUiMfPjUu3wjpDr98KaCQ2Uvwgwkx1T%2BZnoY%2FgvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6a1739d1e9ab4c38-AMS

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
407 B 73ms
24ms XHR
text/plain 64.233.166.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-114058698-1&cid=582184735.1634785124&jid=2080895194&gjid=1672785515&_gid=869706112.1634785124&_u=IEBAAEAAAAAAAC~&z=1009117255

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secreto.site/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Oct 2021 02:58:44 GMT
content-type: text/plain
access-control-allow-origin: https://secreto.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 195.461912c47007775093ae.js Show response
s7.addthis.com/static/ 384 B
538 B 8ms
8ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/195.461912c47007775093ae.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-180"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 21 Oct 2021 02:58:44 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 298

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 115ms
31ms Script
application/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=secreto.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
520 B 92ms
32ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=secreto.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 126 KB
36 KB 411ms
411ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=752997938679458&correlator=3566563498989219&output=ldjh&impl=fifs&eid=31063231%2C31062525&vrg=2021101301&ptt=17&sc=1&sfv=1-0-38&ecs=20211021&iu_parts=21748487420%2C336x280_all&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=336x280%7C300x250%2C336x280%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1634785124&dt=1634785124169&dlt=1634785123816&idt=332&frm=20&biw=1600&bih=1200&oid=2&adxs=340%2C340&adys=403%2C1011&adks=890319675%2C890319674&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecreto.site%2Fes%2F22703391&vis=1&dmc=8&scr_x=0&scr_y=0&psz=950x400%7C950x400&msz=920x250%7C920x250&ga_vid=582184735.1634785124&ga_sid=1634785124&ga_hid=711827830&ga_fc=true&fws=0%2C0&ohw=0%2C0&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

413b1fc13605a14dd12ba997357a356c3b4fd4b301dfa4dcb3c2fcb524659e13

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/212950523500822528/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/212950523500822528/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKfb85TB2vMCFY9T4AodosUE2w&gqi=&layout=/sadbundle/%24csp%253Der3%24/212950523500822528/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/212950523500822528/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/212950523500822528/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKfb85TB2vMCFY9T4AodosUE2w&gqi=&layout=/sadbundle/%24csp%253Der3%24/212950523500822528/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 36427
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
date: Thu, 21 Oct 2021 02:58:44 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://secreto.site
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e57c6ba014d33751d64f7df3b911d90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C3FB 6 KB
4 KB 105ms
31ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e57c6ba014d33751d64f7df3b911d90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e57c6ba014d33751d64f7df3b911d90a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secreto.site/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 21 Oct 2021 02:58:44 GMT
expires: Fri, 21 Oct 2022 02:58:44 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 iframe Show response
friend20.mycleverpush.com/ Frame BFB8 46 KB
18 KB 77ms
13ms Document
text/html 78.46.198.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friend20.mycleverpush.com/iframe?origin=https%3A%2F%2Fsecreto.site

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.46.198.121 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.121.198.46.78.clients.your-server.de

Software

Resource Hash

fa693d6b4e1ed32d3d016bc42fc29e471300b21a5ba5956be6ef21c1b2bc1bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: friend20.mycleverpush.com
:scheme: https
:path: /iframe?origin=https%3A%2F%2Fsecreto.site
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secreto.site/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/

Response headers

date: Thu, 21 Oct 2021 02:58:44 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
x-robots-tag: noindex
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
x-backend-server: cleverpush-worker-15
content-encoding: gzip

GET
H3 200 5.js Show response
static.cleverpush.com/sdk/chunk/ Frame BFB8 26 KB
7 KB 39ms
38ms Script
application/javascript 104.26.14.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.js
Requested by: Host: friend20.mycleverpush.com
URL: https://friend20.mycleverpush.com/iframe?origin=https%3A%2F%2Fsecreto.site
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.14.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85b33be84a3abd2cbd88a554bf5b1eeff6f0938dc132f7e6a10dd41f7f8e8b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friend20.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1336
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: Y4JF64FC0QB2SZXC
x-amz-id-2: pDCAWlLp0hnmPSq02XBAoQ/XVk9sO2MjAjCUrXFpUopbomQHtGH9tgSME63VO2S6MYxwZOtRmOY=
last-modified: Wed, 20 Oct 2021 14:36:22 GMT
server: cloudflare
etag: W/"0728887c049e96fb2347c671a2d8ea8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YyLtbxBDWr0zG2NbgNwlXAKs57fHrkosDEfvNetzRm3wlYuIXcxwfIyFBH2zEdt7oosULDJPZ0hAfD2vMv%2FyxBqoNn87VbeVUwPZOb1W0l3ThgnQPqrje%2BiQrYw8zXKTQZd%2BObftg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6a1739d2faee4c38-AMS

GET
H3 200 251.js Show response
static.cleverpush.com/sdk/chunk/ Frame BFB8 6 KB
3 KB 40ms
39ms Script
application/javascript 104.26.14.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.js
Requested by: Host: friend20.mycleverpush.com
URL: https://friend20.mycleverpush.com/iframe?origin=https%3A%2F%2Fsecreto.site
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.14.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a1cbcdf5312121bc64e7d7b696da1e3322428c9ee7441a5d45aecddd59641f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friend20.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1337
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 9GVXNZ1MEZQ1H7S4
x-amz-id-2: WCa1GdXin230agx7PT5FTuojx3O5z/QLY6pYxrfa88lHoMfgNQVjR4wLvggMCV/2RYfarOAPXQA=
last-modified: Wed, 20 Oct 2021 14:36:21 GMT
server: cloudflare
etag: W/"1d89b52857bfafbd43a0aaa08e05bcff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1EMnWBvI5Rw2xEJKwduf%2Fxc0QdbjRzUzp3fjmrvy2wQMGslVr8L7iBtVzobdP5SLJOg%2Fc5P%2BXio%2F%2F3uj2wYMTx1NODvrQDf7owhrM%2By6wa7yFht09rvPvG6VtONFJHHrpXfU59mXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6a1739d2faf04c38-AMS

GET
H3 200 778.js Show response
static.cleverpush.com/sdk/chunk/ Frame BFB8 16 KB
5 KB 41ms
40ms Script
application/javascript 104.26.14.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/778.js
Requested by: Host: friend20.mycleverpush.com
URL: https://friend20.mycleverpush.com/iframe?origin=https%3A%2F%2Fsecreto.site
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.14.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a290da6b2d099094539c60faa9f92c43744899218fa4b52bbae084bb6ede04a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friend20.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1336
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: Y4J8XBGTTPTPY30T
x-amz-id-2: nvq7wIhOXr5k/hqWy0h8ir10afqIgVXDX9Wva1aVVMkRKOT2P8M2r3I6HB8yVunklAU7jm9d0nM=
last-modified: Wed, 20 Oct 2021 14:36:22 GMT
server: cloudflare
etag: W/"5fc912fc6af83c8935d21ea7adf5f58d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=korZEhu92vcXEzrF9Wp%2BnGm%2BfEW1nXrNjGfl8KYk9JmLBcrAYUD%2FT7ZcK7GYWnAJHaGFSpFzzmgISeTZzGEEILqrw1BzHtUOHvjWoQIOnAfoL6CiGjdDfU07oCdLnIWCMWXlWbiHJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6a1739d2faf14c38-AMS

GET
H3 200 970.js Show response
static.cleverpush.com/sdk/chunk/ 46 KB
10 KB 29ms
29ms Script
application/javascript 104.26.14.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/970.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/SferLijT3vP2ue776.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.14.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1103cf4de272954ebd8bb6de9557fa3ecb8ef48a10ea870ffcd4790c49adbfe8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1336
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: Y4JB340D8RBE3GG8
x-amz-id-2: ly7mE1o0FOsKat/EXy9BkA0JiS5G96q8MXKcIC+PvRU57o18uV/BZpOGLs/R18Zot3uCIzpLpDo=
last-modified: Wed, 20 Oct 2021 14:36:22 GMT
server: cloudflare
etag: W/"a03e2c7b746db35b2750f142b0c74aa3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nh4VR5KOP6GDZRx6m2JtbU8DAgrd1Qa3RZtpe%2F4j9zJEG4CJwHCbe2VDB3D0MRRV2F4nswwJKz1sk1Dr%2BaU%2FidYVNBvHrIn118ZhWdtXmKkQJF8BQ93SBcKBz2fCInhYolVrdE%2Bjrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6a1739d33b404c38-AMS

GET
H3 200 720.js Show response
static.cleverpush.com/sdk/chunk/ 52 KB
13 KB 28ms
27ms Script
application/javascript 104.26.14.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/720.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/SferLijT3vP2ue776.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.14.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aef29f29cb253667363bff4b2ccd6d3d4010731fb3a2464d4601464276485ac1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1336
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: Y4J22AFXCVZ4Q6HF
x-amz-id-2: GiQD/kkx5xtTewM/zzuX26oOm58qsUUeX76VjV1prumIKDcL/CjETZMt2kNFR12y1OJ0UbacwGs=
last-modified: Wed, 20 Oct 2021 14:36:22 GMT
server: cloudflare
etag: W/"2acf4232a1243918d28b53d80d31ee79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZO1wvB08lxrFPr%2BrKKw9GJPwP2bst6dqo2OVzkPprfwRy9LBz8AtL5akLddZ%2FKJSxmzsy4ozlkdquApXkCDvVqb6vEt6NtvQ8jmz%2FiFhZJNRLmq3mbQGF%2B5LMPcejgVzXYrz1ps6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 6a1739d33b414c38-AMS

GET container.html
e57c6ba014d33751d64f7df3b911d90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C38 0
0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ 190 KB
55 KB 94ms
16ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Oct 2022 17:09:10 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 13 KB
5 KB 120ms
42ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Oct 2022 17:09:10 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 89 KB
28 KB 121ms
44ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 11732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Wed, 20 Oct 2021 23:43:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Oct 2022 23:43:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 4 KB
2 KB 128ms
50ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Oct 2022 17:09:10 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 40 KB
13 KB 128ms
51ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Oct 2022 17:09:10 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a26b9b11a1eaa36af8f7e278057b264cf7a87508cdc10a552c4bee53643329b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15635734262238080168
tpc.googlesyndication.com/simgad/ 20 KB
20 KB 53ms
17ms Image
image/gif 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15635734262238080168

Requested by

Host: secreto.site
URL: https://secreto.site/es/22703391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

709bc6949a5ad56635665657424edc431d692cf79cc2aed81e98431089dbc718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 22:02:08 GMT
x-content-type-options: nosniff
age: 449796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 20106
x-xss-protection: 0
last-modified: Tue, 30 Sep 2014 20:07:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Oct 2022 22:02:08 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ 2 KB
3 KB 52ms
16ms Image
image/png 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: secreto.site
URL: https://secreto.site/es/22703391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 13:18:13 GMT
x-content-type-options: nosniff
server: cafe
age: 49231
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 21 Oct 2021 13:18:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 295 B
399 B 52ms
16ms Image
image/png 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: secreto.site
URL: https://secreto.site/es/22703391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 20:55:41 GMT
x-content-type-options: nosniff
server: cafe
age: 21783
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 21 Oct 2021 20:55:41 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 26ms
26ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbkDYZNdwYaiZDY-ngQeii5PYDcHI9elkvKGbhNEBi97InNclEAEguoTAM2CV4pCCoAegAfzI4NIDyAEDqQLQGflUJASFPuACAKgDAcgDCKoE3AFP0EHttYZKNiS2XhytwqcgJ6VmRdzp7_egJmkBq6TIRW_sSacle4sG9mwSNDkCI_k3AfqvFceBKDkkz1ff5eeTY1RM6ITJqD5Z5cMyn-U5e3iKulN1beB629_JpLBRYpIvzSCiO_sQ7Ixbx1xiy5gQpsfw6qn2fir_uBKPFHp_k-JBqmxQRcQ3VvAZxwaZDL3lS4Gc0gubtkXr6hw1MXvIEIebmSRIcITmYLbCMRMQqMSbwSxO1rZKUMfeDBnRWOnfPgL8FxqaJrhGtHjRGxQW8wd-RE2UXWLAROB0wAS00bGmQ-AEAaAGA4AH7LafLagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQpoAH0ggJCIjhgHAQARgd8ggbYWR4LXN1YnN5bi01ODAyODk0MDQ0Njc1MDMwgAoDyAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQY2I5u&sigh=k-PJaqrfT84&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: secreto.site
URL: https://secreto.site/es/22703391
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 62ms
26ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

3e394064c1d60e1b161626cbcb282fb29da8c186d0a2f9840cfd41d24392ffaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Oct 2021 02:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8582
x-xss-protection: 0

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

42ms
41ms

Image
text/html

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: secreto.site
URL: https://secreto.site/es/22703391
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date: Thu, 21 Oct 2021 02:58:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 25ms
24ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9-t5ZNdwYaiZDY-ngQeii5PYDcHI9elkvKGbhNEBi97InNclEAEguoTAM2CV4pCCoAegAfzI4NIDyAEDqQLQGflUJASFPuACAKgDAaoE3AFP0EHttYZKNiS2XhytwqcgJ6VmRdzp7_egJmkBq6TIRW_sSacle4sG9mwSNDkCI_k3AfqvFceBKDkkz1ff5eeTY1RM6ITJqD5Z5cMyn-U5e3iKulN1beB629_JpLBRYpIvzSCiO_sQ7Ixbx1xiy5gQpsfw6qn2fir_uBKPFHp_k-JBqmxQRcQ3VvAZxwaZDL3lS4Gc0gubtkXr6hw1MXvIEIebmSRIcITmYLbCMRMQqMSbwSxO1rZKUMfeDBnRWOnfPgL8FxqaJrhGtHjRGxQW8wd-RE2UXWLAROB0wAS00bGmQ-AEAaAGA4AH7LafLagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQpoAH0ggJCIjhgHAQARgd8ggbYWR4LXN1YnN5bi01ODAyODk0MDQ0Njc1MDMwgAoDyAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQY2I5u&sigh=nAjO6r62xyQ&vt=1&uach_m=[]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
64 B 58ms
36ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiD6tbKHFMDZz8YLF1HIKuhieo0VN8axQSEk8ypKs3nka9b6U4XWb3xYWESs8_4fC_0LLjyKhJaDhkcdDQPPoX3uaPEEmYa1SA7Ym6c_uBkc0WQGuXpkcsYmDg4SNIjPcPiquY_ZCfehQ&sai=AMfl-YQvj-xzHOW3IHFIsZ5ou6Qk7ROoo1619IAWZEM9eMGc7b1KdtK6Kb3_GC-DUeKgDvoKS40UbdiIRkumjNmibcsW-TbHk80tmLabZE8XdUl__uWD6Wv6zP7ZKMRHRGc&sig=Cg0ArKJSzHT5nzNVjBopEAE&cid=CAASPeRokY4ukFXu_uxhj1rVGfJazMEA-hN8nFSD8HSKKHifFP1LdcExei171oQJFjjDLV2eBDRLFvM6A0L2c7o&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=43&tls=1043&g=100&h=100&tt=1043&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=890319674

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secreto.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 02:58:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: e57c6ba014d33751d64f7df3b911d90a.safeframe.googlesyndication.com
URL: https://e57c6ba014d33751d64f7df3b911d90a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secreto.site/	1970-01-19 22:06:32	Name: XSRF-TOKEN Value: eyJpdiI6IjRuWkl0aXRKanY2R3NzMDhZQVwvSmxRPT0iLCJ2YWx1ZSI6Ink1alRGeUdqZlJ1UlhWQTB0YnFsc1MwemlhZGhTS1M1SXMrdjkraU5rKytSajNrRGNuTHZaWStOcTgyWlowWVUiLCJtYWMiOiJiMGRhZmEwM2YwZjgzYTgyMWZkOWI2YjY2MDE2Y2VkNzcxNzgzNTBhNDZmYjA1NDI3ZGU5ZTIzZTA0YjA5NmNjIn0%3D
secreto.site/	1970-01-19 22:06:32	Name: laravel_session Value: eyJpdiI6IlFuV0U0S3AwYTJyeGRyRVpySXJ1TWc9PSIsInZhbHVlIjoiNEdsR1pNRnhMTlVHZVpxd0pnMnlIRUlvN2JoK20yMUs1ZmpaVDlWbEpBTzJNUWQ4ckdPUWRCODgyMEx2aVdrciIsIm1hYyI6IjJhOTdlOGY3ZjI1ZTMyZTQ4NGEwMWNmN2Y4NDliNTRhODlhMDRlYTg5M2E3MjVlMDgwMzQ4MzRhODllNThjMTQifQ%3D%3D
.secreto.site/	1970-01-19 22:06:26	Name: __cf_bm Value: 7i6SBDn8bln1rVYJr63TAXqVL42sZWJZCSqiLgZSnM8-1634785123-0-ATtNytbs3S+fBc61+AEI4FArQYsCsZ0Kui7UrALrDT3/xd32ZHE/3DlBt4a81d4lDjw2axzA06lqGrDkC+NTQn0=
secreto.site/	1969-12-31 23:59:59	Name: language Value: es
secreto.site/	1969-12-31 23:59:59	Name: visited Value: 1
secreto.site/	1970-01-20 07:36:39	Name: __atuvc Value: 1%7C42
secreto.site/	1970-01-19 22:06:26	Name: __atuvs Value: 6170d7631dc27376000
.secreto.site/	1970-01-20 15:37:37	Name: _ga Value: GA1.2.582184735.1634785124
.secreto.site/	1970-01-19 22:07:51	Name: _gid Value: GA1.2.869706112.1634785124
.secreto.site/	1970-01-19 22:06:25	Name: _gat Value: 1
.addthis.com/	1970-01-20 07:36:39	Name: uvc Value: 1%7C42
.addthis.com/	1970-01-20 07:36:39	Name: loc Value: MDAwMDBFVURFUlAyMzAzMTg3NjAwMzAwMDBDSA==
.secreto.site/	1970-01-20 07:28:01	Name: __gads Value: ID=2c19d9e94e23c4d0-228bd676fcca005d:T=1634785124:S=ALNI_Ma2kEgsJGVskVg9MiMzIOoRuHPj7g
.doubleclick.net/	1970-01-20 07:28:01	Name: IDE Value: AHWqTUnEQ74ThAw1hW7xfoD-Ij-uJHGSmT-e0cCi10-vLOWG_xIbTcXXtJxTws5fjLc
.doubleclick.net/	1970-01-19 22:06:28	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231(Line 5) Message: Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.ampproject.org
cdnjs.cloudflare.com
e57c6ba014d33751d64f7df3b911d90a.safeframe.googlesyndication.com
friend20.mycleverpush.com
googleads.g.doubleclick.net
m.addthis.com
pagead2.googlesyndication.com
s7.addthis.com
secreto.site
securepubads.g.doubleclick.net
static.cleverpush.com
stats.g.doubleclick.net
tpc.googlesyndication.com
unpkg.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
z.moatads.com
e57c6ba014d33751d64f7df3b911d90a.safeframe.googlesyndication.com
s7.addthis.com
tpc.googlesyndication.com
104.16.122.175
104.16.18.94
104.21.70.131
104.26.14.31
104.75.88.126
142.250.184.196
142.250.185.130
142.250.186.110
142.250.186.34
142.250.186.97
172.217.16.129
172.217.16.130
172.217.23.97
172.217.23.98
2.18.235.40
64.233.166.154
78.46.198.121
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
1103cf4de272954ebd8bb6de9557fa3ecb8ef48a10ea870ffcd4790c49adbfe8
14a1cbcdf5312121bc64e7d7b696da1e3322428c9ee7441a5d45aecddd59641f
1a26b9b11a1eaa36af8f7e278057b264cf7a87508cdc10a552c4bee53643329b
266978a0c185ca652129a3cb432e9c95aa61662873aaf8466ee7fc1636bb2c9f
2c0f9f3d3423cee250e1f640c9153a60cdf130d9f7d5ee8ab50c1a5ba4318aa7
2fc58adbbf6f0b5bab361dfb90ef3a921a2f995023263a015c6c5d938f58bb48
3435a0ca220029c92376530494d937451681a722a3c5b4932f7375df597d6e00
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3e394064c1d60e1b161626cbcb282fb29da8c186d0a2f9840cfd41d24392ffaa
413b1fc13605a14dd12ba997357a356c3b4fd4b301dfa4dcb3c2fcb524659e13
5052387a01a2ae30dc13ffc6ac0c73732da8232ea45a16d50b9b1834c1d4b63a
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
62a9e74bf710eef13b81f56375fc7e24c8b91050fa9ba66a75e9a3f35aece8f5
6a290da6b2d099094539c60faa9f92c43744899218fa4b52bbae084bb6ede04a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba0aad7b1ee7006567a440557f23f9c799169ece79900aee6f3172b159a1fdb
709bc6949a5ad56635665657424edc431d692cf79cc2aed81e98431089dbc718
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
79388a31748000b26190b9cda589086bc9cef44c931e2f7b343f4b4759f9c8a6
7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8e17c8c4033c054473783621c0e62cf99fb8f8b6f0d19e950ecce35b6b35a2fa
95a58adda779abb3362b4ee324df0e96f082839b716f4b8f88e1a0afd70dd4a7
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef29f29cb253667363bff4b2ccd6d3d4010731fb3a2464d4601464276485ac1
afc4b009a80528c88b4e94e54456ba91bf4fa45a12121379415008e2b1e6331d
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b23c8effd2507c0180c4ae9a6864efac466be364bbea7d1a32e2da04cdf0ba7b
b9b72646bdbb7fdcfe39f53ed698aa66e7e0444368b8f47a37e517c3571642df
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f85b33be84a3abd2cbd88a554bf5b1eeff6f0938dc132f7e6a10dd41f7f8e8b7
fa693d6b4e1ed32d3d016bc42fc29e471300b21a5ba5956be6ef21c1b2bc1bdc
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
ff7fe2390a8bfeb629fd6cb6e85c25aa3ff4e2951cecef9368eb0f0bbb80077c

secreto.site Open in urlscan Pro 104.21.70.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

52 Requests

94 %HTTPS

0 %IPv6

14 Domains

20 Subdomains

17 IPs

4 Countries

719 kBTransfer

2226 kBSize

15 Cookies

2 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secreto.site Open in urlscan Pro
104.21.70.131 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

94 %
HTTPS

0 %
IPv6

14
Domains

20
Subdomains

17
IPs

4
Countries

719 kB
Transfer

2226 kB
Size

15
Cookies

52 HTTP transactions
1 data transactions