fr.buddysecret.com Open in urlscan Pro
2606:4700:3035::6815:5702 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fr.buddysecret.com/s/sync-quiz/GoUX
Submission: On April 21 via api (April 21st 2023, 6:13:12 pm UTC) from CZ — Scanned from DE

Summary HTTP 151 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 42 IPs in 5 countries across 29 domains to perform 151 HTTP transactions. The main IP is 2606:4700:3035::6815:5702, located in United States and belongs to CLOUDFLARENET, US. The main domain is fr.buddysecret.com.
TLS certificate: Issued by GTS CA 1P5 on April 15th 2023. Valid for: 3 months.

This is the only time fr.buddysecret.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	2606:4700:303... 2606:4700:3035::6815:5702	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e4:... 2606:4700:e4::ac40:a602	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
3	65.9.90.93 65.9.90.93	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	65.9.99.209 65.9.99.209	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
6	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e4:... 2606:4700:e4::ac40:a702	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.168.115.78 35.168.115.78	14618 (AMAZON-AES) (AMAZON-AES)
1	5.161.35.131 5.161.35.131	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:f800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.22.69.131 104.22.69.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.86.138.124 185.86.138.124	() ()
151	42

45 2606:4700:3035::6815:5702 (United States)

ASN13335 (CLOUDFLARENET, US)

fr.buddysecret.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:a602 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

img.holaquiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

superal.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.90.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-90-93.prg50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

p2e9r4n9.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.99.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-99-209.prg50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:a702 (United States)

ASN13335 (CLOUDFLARENET, US)

basher.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

04958da7d73d3e9367b55474a062b31e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4686 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.168.115.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-115-78.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.161.35.131 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.131.35.161.5.clients.your-server.de

pfx.api.botman.ninja	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:f800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.124 (None, )

ASN- ()

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	buddysecret.com fr.buddysecret.com	379 KB
14	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 ad.doubleclick.net — Cisco Umbrella Rank: 201	158 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 04958da7d73d3e9367b55474a062b31e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	249 KB
11	google.com adservice.google.com — Cisco Umbrella Rank: 130 region1.analytics.google.com — Cisco Umbrella Rank: 2930 www.google.com — Cisco Umbrella Rank: 16	3 KB
9	google.de adservice.google.de — Cisco Umbrella Rank: 5261 www.google.de — Cisco Umbrella Rank: 3425	2 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	21 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	365 KB
4	btloader.com 1 redirects btloader.com — Cisco Umbrella Rank: 1542 api.btloader.com — Cisco Umbrella Rank: 1745	45 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 361 aax.amazon-adsystem.com — Cisco Umbrella Rank: 455	61 KB
4	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 12820 g.ezodn.com — Cisco Umbrella Rank: 15904 basher.ezodn.com — Cisco Umbrella Rank: 13245	196 KB
3	smartadserver.com prg.smartadserver.com	2 KB
3	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 7054	382 B
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 4186 a.ad.gt — Cisco Umbrella Rank: 4166	4 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2474	24 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1707	1 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019	450 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1319 id5-sync.com — Cisco Umbrella Rank: 612	18 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1478 pixel.quantserve.com — Cisco Umbrella Rank: 1327	9 KB
2	holaquiz.com img.holaquiz.com — Cisco Umbrella Rank: 616107	448 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	609 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293	405 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1291	633 B
1	botman.ninja pfx.api.botman.ninja — Cisco Umbrella Rank: 175270	479 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 3273	10 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	stackpathcdn.com p2e9r4n9.stackpathcdn.com — Cisco Umbrella Rank: 100671	6 KB
1	github.io superal.github.io — Cisco Umbrella Rank: 532427	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	11 KB
151	29

	Domain	Requested by
45	fr.buddysecret.com	fr.buddysecret.com
8	pagead2.googlesyndication.com	fr.buddysecret.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
8	securepubads.g.doubleclick.net	fr.buddysecret.com securepubads.g.doubleclick.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	www.googletagmanager.com	fr.buddysecret.com www.googletagmanager.com
5	adservice.google.com	securepubads.g.doubleclick.net
5	adservice.google.de	securepubads.g.doubleclick.net
4	www.google.com	fr.buddysecret.com tpc.googlesyndication.com
4	www.google.de	fr.buddysecret.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	prg.smartadserver.com	go.ezodn.com
3	prebid.smilewanted.com	go.ezodn.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	c.amazon-adsystem.com	fr.buddysecret.com c.amazon-adsystem.com
2	script.4dex.io	go.ezodn.com script.4dex.io
2	api.btloader.com	btloader.com
2	ad-delivery.net	fr.buddysecret.com
2	region1.analytics.google.com	www.googletagmanager.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	region1.google-analytics.com	www.googletagmanager.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	btloader.com	1 redirects fr.buddysecret.com
2	basher.ezodn.com	fr.buddysecret.com
2	img.holaquiz.com	fr.buddysecret.com
2	fonts.googleapis.com	fr.buddysecret.com
1	a.ad.gt	cdn.hadronid.net
1	pixel.quantserve.com	fr.buddysecret.com
1	ad.doubleclick.net	fr.buddysecret.com
1	id5-sync.com	cdn.id5-sync.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	rules.quantcount.com	secure.quantserve.com
1	pfx.api.botman.ninja	p2e9r4n9.stackpathcdn.com
1	cdn.id5-sync.com	fr.buddysecret.com
1	cdn.hadronid.net	fr.buddysecret.com
1	04958da7d73d3e9367b55474a062b31e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	secure.quantserve.com	fr.buddysecret.com
1	fonts.gstatic.com	fonts.googleapis.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	p2e9r4n9.stackpathcdn.com	fr.buddysecret.com
1	superal.github.io	fr.buddysecret.com
1	cdnjs.cloudflare.com	fr.buddysecret.com
1	g.ezodn.com	fr.buddysecret.com
1	go.ezodn.com	fr.buddysecret.com
151	45

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
twitter.com
fr.realtest.me

Subject Issuer	Validity	Valid
buddysecret.com GTS CA 1P5	`2023-04-15` - `2023-07-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.stackpathcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-04` - `2023-05-31`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.hadronid.net GTS CA 1P5	`2023-04-11` - `2023-07-10`	3 months	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
pfx.api.botman.ninja R3	`2023-02-06` - `2023-05-07`	3 months	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-04-14` - `2023-07-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://fr.buddysecret.com/s/sync-quiz/GoUX
Frame ID: 8AEACBEE32CEE027D72B53DA6A2102A5
Requests: 141 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: 3C96CBE80DFF32C9AD21BE16303A04D0
Requests: 1 HTTP requests in this frame

Frame: https://04958da7d73d3e9367b55474a062b31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9F76E91CE3BF34376F7BD0CB3AB21818
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1019C23D73526B83D950C2BD5D4FFFCA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2FAC7764345DB5352FE47A29F9C94795
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Journal de l'amitié 2023 ! Invite tes ami(e)s à écrire dans ton journal intime maintenant.

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

151
Requests

97 %
HTTPS

73 %
IPv6

29
Domains

45
Subdomains

42
IPs

5
Countries

2050 kB
Transfer

5297 kB
Size

32
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/buddysecret2

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Buddysecret1

Search URL Search Domain Scan URL

URL: https://twitter.com/BuddySecret1

Search URL Search Domain Scan URL

URL: https://fr.realtest.me/?utm_site_source=custom&utm_site_medium=ad&utm_site_campaign=user

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://btloader.com/tag?aax_id=AAX65WOCF&upapi=true HTTP 302
https://btloader.com/tag?o=5112081056530432&upapi=true

151 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request GoUX Show response
fr.buddysecret.com/s/sync-quiz/ 69 KB
21 KB 796ms
727ms Document
text/html 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

374fec528851b7cdc6e959e18835e0be7641addaf03366886b12fe570cccaf48

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7bb79957ef789b63-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 21 Apr 2023 18:13:06 GMT
display: pub_site_sol
expires: Thu, 20 Apr 2023 18:13:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwfaYfisPSuac%2F73gl0LywPRvhbe9NH%2BkVdRBTHsjTVs0A2%2BVSW5uZevLpOqXm1FkDIjag4BK0%2FrxOzoMAEOK42RE0Dtr4z7JWGv6s6EVOhzLzEsMN2kx5z1%2BR2GL6wgi%2Fiy1OrZ%2F2GI%2B7zebQPR%2FBI%3D"}],"group":"cf-nel","max_age":604800}
response: 200
server: cloudflare
server-host: as-hi-38-web
vary: Accept-Encoding
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-sol: pub_site

GET
H2 200 calgary.js Show response
fr.buddysecret.com/edmontonalberta/ 2 KB
1 KB 45ms
35ms Script
application/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/edmontonalberta/calgary.js?cb=16
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597830acea0420d0c95ceae70e1db6fcfb1d35d259922ff472b1b6fb083e193f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Mar 2023 15:51:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3810107
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsKOeqSvrfQdXaDZCsUzJxxv8wXSSyMcoH%2BcZMuZmprT2zxVRLKMHPFya4pen4QXy%2FbP3p8uAClDFJf%2FtH%2Fa4N%2FjldLLcvrLJ9%2BKyLrOUOl8zrKS9Ian0dSUy4E1iY9LV6h66IZRRUiMm7DjUH6JJY4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7bb7995c9f8b9b63-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 148ms
90ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

619329e8e95b21ac0224515e23f42c9c074a3cc0cad929356c5479204a65e397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25354
x-xss-protection: 0
server: cafe
etag: 189 / 19468 / m202304170101 / config-hash: 11648243008235316478
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 18:13:06 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 660 KB
192 KB 105ms
41ms Script
application/javascript 2606:4700:e4::ac40:a602
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?cb=195-1-55
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c09dda2cfc05892463b64a687169e7240f08686e41010bd050f4286d77c921f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 23:12:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1968710
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDlhhZfpt1UiZYPVFeZ5%2FQ87nh4LcChYHujvBW5FdXBj9dB%2Fni8tbqdrYC294zhZjU9tpezKSssAcKoiLpMPV6cmQXRikaUZxvyt%2Bjte5IT1FwblGQkJmVwyQePLG307nCvUPf18By3zHXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7bb7995ced50bbe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fads.js Show response
fr.buddysecret.com/porpoiseant/ 8 KB
3 KB 51ms
41ms Script
application/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/porpoiseant/fads.js?gcb=195-1&cb=8
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c99af258943f5efe5689a6803d0470de89dbb21bc19eaf3259a47bc07d2a88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Mar 2023 16:09:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2772199
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FvR2LG2F7wJSGxC5lKFqpnxSNKWITRIhf4w0Sfn2cVFGZgczerdp7s%2B7Tus0G3w8E4MwZGKrjVEq%2BoeiyQ6JPIsQGv1stpXoczWIg4jm6l2zI%2FQvsSZLAbwvg4HXUgAb2Mfyrep2U9xxGlJeVI0Jj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7bb7995c9f899b63-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.css
fr.buddysecret.com/public/css/ 36 KB
8 KB 39ms
29ms Stylesheet
text/css 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/public/css/font-awesome.css?v=20230214

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a4086f6b01ea01e73f42b352500e1ee3fc4a3dba5a50ecd41485f70d661dc30

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-145-web
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
age: 82710
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: W/"b6da2-91f5-5bcb218a1a2c0-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzXtswE%2FVfq%2B6cGbiDrB6esXJwIQxyw9Hw%2B2vzihpWRIBt2v7nrYpY4FP%2FCVjKFvZbWsfxm3Q37cgh4CIZgY6OEVKJ5nZULiKJ2csXXo1sD3IJxAZvDLKiCoWj7R%2ByDW3oC8%2BTfZwMqgFGwm2o16oJo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995c9f839b63-FRA

GET
H2 200 bootstrap.css
fr.buddysecret.com/public/css/ 146 KB
22 KB 45ms
35ms Stylesheet
text/css 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/public/css/bootstrap.css?v=20230214

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a37ddc4e7e30ec2675c6d2e628b57efee02b9f3ed430e7172946bf04c1744648

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-55-web
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
age: 1031845
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"b6da1-24960-5bcb218a1a2c0-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HfBXTluSCCl%2B9e8rAJ%2FwOi%2B2HiOG%2FStftUx%2FptKULX413reEcNdNc8Bo1ltO4K6JTJk3f8aD1eeRXn1HuNN%2FsyIWspfUM14h%2BcMBsXU8ju%2Btqgcn83W7CY%2FdJHPLfKglYTI8E8iPkYo1ikvGpaf9aY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995c9f859b63-FRA

GET
H2 200 common-spinner.css
fr.buddysecret.com/public/css/ 2 KB
838 B 31ms
29ms Stylesheet
text/css 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/public/css/common-spinner.css?v=20230214

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b6dfeb59f7464899e64068a09afaa80fdae61e9767a041f9bc60aae5362c599

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-55-web
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
age: 1280034
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"b6a85-6ff-5dd3c17586ac0-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZuT0NLeJ6S%2FjYviRQwWwShvLlwNl3hyxFZ5loyCsaaB85vNEjtYbbAQyYeUDJwhmQKWNa6euqmlEsw%2FJ9WQpEDmepHACcDkqyhDYUjN8uNoiwE1WIDbrGbJAW6Y%2FB2bYjiGiWIk1QNHWfpnyZIKW80%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995c9f869b63-FRA

GET
H2 200 style.css
fr.buddysecret.com/public/css/surpriseforu/ 73 KB
13 KB 34ms
32ms Stylesheet
text/css 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/public/css/surpriseforu/style.css?v=20230214

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b315cd1d137b144cd722b47da20ca34b2ddfd9ec6ff8ca7551900dfe55e8ae54

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-125-web
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
age: 523839
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: W/"b8e22-12512-5f25b28341180-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zDwa86UbPt7bR1FlIc0ajDgn0BgV8E5QLhtrkf%2BWyJW94C524rplwGcpbatPckir4a9bKOJ6ta9THlg%2BHXz5gCN5BrdEixVVRiuS4pCHy0OiYjWseqEorzzx%2FkL%2BJBmuoB3ORi2rzC6a%2BzICaAYGoM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995c9f889b63-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 127ms
60ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-192512597-5

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14f328218ce3f2edab3d8cd2e58ddc1e4ef96f3c8aa02da92430a4a151a902b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45052
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 18:13:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
45 KB 98ms
32ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-126527512-14

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d777a901e1e816d86434cd1c98fd0e894b2a6c89b9bd59f33bb7584777e548c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46068
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 18:13:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 146ms
77ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9369680060196134

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d903d2c28340c43faa76bc62dee3994f1d4e9704050d3c711a130fe7d08214c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.buddysecret.com/
Origin: https://fr.buddysecret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47766
x-xss-protection: 0
server: cafe
etag: 14970565402467995220
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 18:13:06 GMT

GET
H2 200 v.js Show response
g.ezodn.com/cmp/v2/ 5 KB
2 KB 52ms
39ms Script
text/javascript 2606:4700:e4::ac40:a602
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 19:45:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1385071
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzaQnWeuexk6PxfyUArr6B7qaY66H2V%2BrsuAKqtJSt6lxyGNlu7e%2FpMLApGNWH38P9pVCTX61m1UTJbli7cL6tayY4a2jQ9qKz15vganooczI%2FYOKMb1l9ZrMx4ldYyrjflz5%2BGBsqrLXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=15780000
cf-ray: 7bb7995d3db1bbe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 33 KB
1 KB 82ms
30ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3133d5701c08c2e700289c8b937a62febaf03b69292d3785dad25ff6fff23dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 17:48:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 18:13:06 GMT

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
1 KB 81ms
30ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff4a985f8b2dc95aa25b773f60e8f2e8d7aa64891af2f76c6cac2c3ae9ee3c28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 18:11:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 18:13:06 GMT

GET
H2 200 Friendship_Diary_logo.gif
img.holaquiz.com/public/site_content/quiz/ck_editor/images/meta/Surprise4u_2/ 423 KB
424 KB 97ms
30ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.holaquiz.com/public/site_content/quiz/ck_editor/images/meta/Surprise4u_2/Friendship_Diary_logo.gif

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a0182d790fb030792d5172ed46e0c8f17cedea697937210c6401f2ebafbe54e

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-205-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 821
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 432956
last-modified: Tue, 08 Sep 2020 09:41:45 GMT
server: cloudflare
etag: "3730a7-69b3c-5aeca24a56840"
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPpZJuuQScA5%2B1Ypxpm75UEBUT80yWQ94XxfAbnzFRTXmsd5owEctG0lyqKiz%2F7rPI5%2Fz5NP%2Bt%2FB4XD3j7lz7WLD0bF6A7Ev6YvKQNlszgXCdPePVbYTvLtGXjWjuUyxrxe49TqLVRWzb2yR4%2FdZ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bb7995d89bfbbad-FRA

GET
H3 200 language-globe2.png
fr.buddysecret.com/public/images/surpriseforu/ 2 KB
2 KB 36ms
31ms Image
image/webp 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/surpriseforu/language-globe2.png

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3530d16e8ee249bd4a37f640f88801795680af5c202fe50187aed10a9f958aff

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-117-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1292101
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ezoic-excludewebp: false
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"b8e18-6b4-5dfc0789fb280-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cElDWIdPi99w7SeSSUrH8l8VjNGCKXh0qvNyUtldDX%2B416yvG0L2EI5qSLlDJ7hn9THPfcGvVSQdzOFrAZeNaCaGzTYzStx%2BvdGhqJYE%2FWhuy%2BXqee4aa%2BsVbwLVHPY%2FA4VrzfqS%2BAYgzdjPJPlVV%2BM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995d2a903a5e-FRA

GET
H3 200 Pink_insta.png
fr.buddysecret.com/public/images/surpriseforu/ 708 B
1 KB 122ms
117ms Image
image/webp 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/surpriseforu/Pink_insta.png

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca15678c5371520af135afde97eb1038d2f8618df9816230cb2efc13478cd41

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-173-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1292101
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 708
x-ezoic-excludewebp: false
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: "b8e12-363-5dfc0789fb280-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Fo8afpFLIavdN%2FuS81pLz3WPDQcMAVPp1BZv%2BkzCWr1Cg%2F6oPJUoiudX3IhRNg4M4%2BVbnj3Hs1ibburEje2tYTuiv6dADmVjc0rc65guRepv9%2BpRVQvRuVp5wtoH5wPiqDFY1sz%2F2BERCfv4xWNHeU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7bb7995d2a913a5e-FRA

GET
H3 200 Pink_fb.png
fr.buddysecret.com/public/images/surpriseforu/ 390 B
1 KB 123ms
117ms Image
image/webp 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/surpriseforu/Pink_fb.png

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e5efee6dbb6f3dee6c9856038b15b31f7ef546756272448788f86a2d5633ace

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-117-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1292101
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 390
x-ezoic-excludewebp: false
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: "b8e11-1ac-5dfc0789fb280-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ks83ZMIQ7OjF5eeOteketfKCs1zoWfTSBJ6rdRVE6uTqesxVUceSlWwcBFwDDXLxpuEtHfoISccUW9uaJ3m8O8AqJOEQ%2Fl2qphkGga8BEtnTlOqaMVtAqYZ5yFMCoDqh4Fu5CqB%2Fa699PVFc9SQsKFM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7bb7995d2a923a5e-FRA

GET
H3 200 Pink_twitter.png
fr.buddysecret.com/public/images/surpriseforu/ 640 B
1 KB 124ms
119ms Image
image/webp 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/surpriseforu/Pink_twitter.png

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

974fb86e61c1c7c1b795ce953fbd58c82a9287d7d314d593582bc33da6d262eb

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-217-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1642641
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 640
x-ezoic-excludewebp: false
response: 200
last-modified: Wed, 29 Mar 2023 21:34:36 GMT
server: cloudflare
etag: "b8e13-33d-5dfc0789fb280-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wcqiSWrVGvVZhvnr1MRLE50%2BMN7JaQPmwtbrI4mU2n9AnKXMWd0IK%2FubKOuheawPjcQI%2FJ%2B8T8GQh%2FG5G53%2Fp1ydkxvsnvtAYE3BdfjLrJ0f7vb7iSQB5pml9HPjpXGQjgwYYuAPArpQW0aEURwQ8s%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7bb7995d2a963a5e-FRA

GET
H3 200 eye.png
fr.buddysecret.com/public/images/surpriseforu/ 760 B
1 KB 126ms
121ms Image
image/webp 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/surpriseforu/eye.png

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a79fd8609a005581a852d3a6ce79e0434c1b10218edab4a611c8a87d4beef1d8

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-160-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 85499
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 760
x-ezoic-excludewebp: false
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: "b8d26-4e4-5bcb218b0e500-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=108tkU5SQMR1XcpGQbsXWV%2FU6DeY09DLn5fSouIq1Bfp5LI91HzI20qNQ08yCjKB8duDTOFBLRrtLwW%2B6zLh9UjuXOXaTM9x%2F%2BxhKj1k0mIWfxC0BquTAgrHKu9hejNF0sfNwRLIpF%2FGxTf0RMmcLeA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7bb7995d2a983a5e-FRA

GET
H3 200 quiz_save_loading.gif
fr.buddysecret.com/public/images/ 43 KB
43 KB 58ms
52ms Image
image/gif 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/quiz_save_loading.gif

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef46993c81da652e3c2581d2adab6051e1bd0570d7ce80f5e3ac2c6221a37a97

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-173-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1947072
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ezoic-excludewebp: false
response: 200
last-modified: Wed, 29 Mar 2023 21:34:36 GMT
server: cloudflare
etag: W/"b6e0d-aa4f-5bcb218b0e500-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2Fpr4JE8VaUi8tkIZM3d5ZnPJkw5%2FYfXsVgMQsCOKBAQtPpgguoTFdtZUWEAkTyBAzQxDLs4RPqDYXLWiRrKDb3ZM2tAQFlCdwLgmbBrl%2BM7fcWZTY8Q42BhWfK2eGhsYtSGo1aUuBfzEbWOlwf8q%2Fs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995d2a9a3a5e-FRA

GET
H2 200 french_custom.jpeg
img.holaquiz.com/public/site_content/quiz/ck_editor/images/ADS_CUSTOM/ 23 KB
24 KB 442ms
376ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.holaquiz.com/public/site_content/quiz/ck_editor/images/ADS_CUSTOM/french_custom.jpeg

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bf0dece38664d648e3be9f14fb1ca09ac8c8488e10e1a73ce18545b43d76d1d

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-205-web
date: Fri, 21 Apr 2023 18:13:07 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23857
cf-bgj: h2pri
last-modified: Mon, 27 Feb 2023 06:12:19 GMT
server: cloudflare
etag: "314274-5d31-5f5a85c83b6c0"
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TVD7USkeMmYSOUPDwMfg5f5AfF5sBp5yXxtkYuD5%2BmViFR7PXhbmQhj970OiNJYBvVT65HNuHQz%2Fm7wt1xClw3tO5q0z%2BzQHzSwPwfY0Ay4RrfQdyg6Qye9XyvdE0rZ448kgVCgRxmeJZLnqWLx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7bb7995d89c0bbad-FRA

GET
H3 200 BlueFB.png
fr.buddysecret.com/public/images/surpriseforu/ 626 B
1 KB 143ms
137ms Image
image/webp 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/surpriseforu/BlueFB.png

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c62d15b97395d0ee57d4dfe9584e6f181d70d175fe4fc4f0480b645753afc626

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-217-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1642641
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 626
x-ezoic-excludewebp: false
response: 200
last-modified: Wed, 29 Mar 2023 21:34:36 GMT
server: cloudflare
etag: "b8e0c-363-5dfc0789fb280-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21vtAlErY22sDqEM8HLpyvxFvXPfFkWSLW2TVx8hE%2Bwj0F23NcnzeqJcQ2kRGyYC%2B7IyFkV40IAclS1BVuDcUGaiZNzH8klWGNEyPS2y5MSHdguLW6R6BaVA1hAFQf5YKPm8krDxB226gtUHwkH9pMo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7bb7995d2a9c3a5e-FRA

GET
H3 200 Blueinsta.png
fr.buddysecret.com/public/images/surpriseforu/ 950 B
2 KB 143ms
138ms Image
image/webp 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/surpriseforu/Blueinsta.png

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c759ef2e91ce47c0601fe6006b6c18436478ffb4c6abee6a6ccb14cb6b12e78c

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-183-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1292100
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 950
x-ezoic-excludewebp: false
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: "b8e0d-660-5dfc0789fb280-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8quaaoNf4szqzqorlGHIdKVAWEWoVJT6YbxXOYTKS823dzx%2B2uzB9wLJZBXbQP5s8XmFtKjWqfQ2%2FQWNI1odms11abRj90H%2FYmpkp%2FPXxVXtd6aV6MZlVCHw8LQ4w6oVfU7WISiMNtMTm%2BEuzO9VQ%2FM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7bb7995d2a9d3a5e-FRA

GET
H3 200 Bluetwitter.png
fr.buddysecret.com/public/images/surpriseforu/ 828 B
1 KB 144ms
138ms Image
image/webp 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/surpriseforu/Bluetwitter.png

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8fe9022cf54c53863a7f1c251422ec1968630abef85a0743f2741f8e68bc3b1

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-242-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1292100
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 828
x-ezoic-excludewebp: false
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: "b8e0e-4d3-5dfc0789fb280-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GT08S3JU%2FKiHxW2uh78pMjPXZUXMyLyn4LTBHBQtS1qD7FYn6T4WflLwK6CwkEp1Fm5pZTMN81cBwZ073G11WgOLql2awu4ZTGmU2XWhLBq6yogKYbuGtCehr7NjfPYFFJKEMDuDchF7xsbZfuMkwLo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7bb7995d2a9f3a5e-FRA

GET
H3 200 email-decode.min.js Show response
fr.buddysecret.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 26ms
25ms Script
application/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Apr 2023 16:29:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"643ec584-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IdiCZfvMkwzp4zAMjaEpWi85bhY10JwOkrnw%2Blml7YPFhwDAMWQfa29dxXvDAIaowaUc3K8zqxF7CL84xXkBYkH%2BRlazPTy5lI2yYQsr6s%2By%2FnmpDRN3mv8WxuLATJS0dX9H6jQ9zO3jboDHIpB108%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7bb7995d2a7b3a5e-FRA
expires: Sun, 23 Apr 2023 18:13:06 GMT

GET
H3 200 jquery.min.js Show response
fr.buddysecret.com/public/js/ 94 KB
34 KB 101ms
96ms Script
text/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/public/js/jquery.min.js?v=20230213

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-148-web
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 509868
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: W/"b6e36-176f8-5bcb218b0e500-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyAbwMC7A%2BnGPD0thgjDRd1i1dY0tnfs2ucQGD8JyPTPOlApTj%2BYHAtXu%2FgnOIAUI%2BZyw8rWcJwJfIY5fb5SMPaSnlsYx%2FNzajyb2Om4jqhzIwrHEbfTNJxSkzakn5GTMydkpdrSW%2B%2B3XxKTJTjunAc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995d2a843a5e-FRA

GET
H3 200 bootstrap.js Show response
fr.buddysecret.com/public/js/ 65 KB
15 KB 104ms
99ms Script
text/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/public/js/bootstrap.js?v=20230213

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47bf6b2e0bb21849f205a4f2d90c8e40b2773f3fdf4c764471cd050ef0a87378

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-220-web
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 213981
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: W/"b6e2e-104ac-5bcb218b0e500-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEGGxt2%2B9N1VFGgAaSpIcry0X8slffhPnooAldOfsrQO5LYqXgkd3HdaJaYwe1Pgt%2F8RUWOOPrLAkxcZhTpaK4tQ6PoeGI15YfPzKyhpBYKJQ4C4y6oLMK7ntd5z9lCQNn8KXZwmibM4RhVXuiTLULA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995d2a863a5e-FRA

GET
H3 200 angular.js Show response
fr.buddysecret.com/public/js/ 114 KB
41 KB 80ms
75ms Script
text/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/public/js/angular.js?v=20230213

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c72c5cdb8ee97ed1e23f49f9cc0884c795f9c70e85a566453d9701f12cebfe9f

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi--web
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 509867
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: W/"b6e2d-1c61c-5bcb218b0e500-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yYcbRwn1%2Fvk04xmWzsY198yWak01xnryQgjc7pc6dzJRzQ99fPR9AtFPg1I%2BGz4P7ERsgCtIvb5VdAz3%2BnzXMySxFCxykBJVIaDdeHXCV%2Fq2Pjy2RoRahgAvedtnmngNKofTd%2BeIE9cDAWteluLG60%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995d2a873a5e-FRA

GET
H3 200 angular-sanitize.js Show response
fr.buddysecret.com/public/js/ 21 KB
7 KB 37ms
31ms Script
text/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/public/js/angular-sanitize.js?v=20230213

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db668b70fd0021a224a50338fc80f62881fc5e678e84987ff62785d86ab3f320

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-94-web
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1292102
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"b6e2c-5536-5bcb218b0e500-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2y4QGCCZ4jVPRNhUK6321npEkAUehsus3hjEmJJPWiOobkGYwOzabqzc6u5qQ45swGzN2Zyz0qaQvJtxaRRKAZMle4VX8pkovlvjxeegnf9%2FH1sn7jZ2Flq7i%2B4v%2B0J3iuedraxU1xJenD6gPBTAwhg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995d2a8a3a5e-FRA

GET
H3 200 site_api.js Show response
fr.buddysecret.com/public/js/ 79 B
765 B 37ms
32ms Script
text/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/public/js/site_api.js?v=20230213

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a5e6f7994c5f4b291424f145d1fede1bfb2793cac841138f0863fd954da721f

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-125-web
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 509868
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: W/"b6997-4f-5d39242ebf840-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJPorO0r1ym6hgA3TNgYdxPoC%2Bn449Hk03tRpVfLTOCCr7P0abOZSFbDL%2FpxG1HEMTmuKlmimU9G6A86qS3r745ZzxpVsFdNzU9jtwrIqDydW7HEb%2BfyffwqHc7zdgUxSTWhhUnfsrcSxSsCdMP8oek%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995d2a8b3a5e-FRA

GET
H3 200 s_a_cont.js Show response
fr.buddysecret.com/public/js/ 94 KB
18 KB 80ms
75ms Script
text/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/public/js/s_a_cont.js?v=20230213

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccc14c8f89759e4ee4328556294bfe4985f8d14237df2185e40b33e872ea03fa

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-77-web
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 509867
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: W/"b6efa-177cd-5f4a3952aa5c0-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7%2FVenenkAVqXzUif95ylzAoDw6idR9RVVW8A1rVKU2kvlCT4Tj0gTJqwtL0usQ5Fn74B4W7rNw4oJUoaap8irZ3ckeubkyluRjy8ZerF%2F9daoNA0sywtHRC3yulCCAQfouggS5BhKSOuzmYr9gcV9U%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995d2a8d3a5e-FRA

GET
H3 200 s_a_ser.js Show response
fr.buddysecret.com/public/js/ 6 KB
2 KB 58ms
53ms Script
text/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/public/js/s_a_ser.js?v=20230213

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e04a40af8692b8e76780c014a3f5ad8d55d98fe8a6cd671bbebd32413117888d

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-177-web
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1947072
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Wed, 29 Mar 2023 21:34:36 GMT
server: cloudflare
etag: W/"b6edc-198d-5f43ebd527240-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdPC%2B67Y9FMDgnzCCwk6v9j6AhmltYqSYSPG9mzt3vxlN4VwqRCLB8U%2FXhBf%2FaVL4Ys7a4JkAQPwRYtJrdTI%2F%2BdZSQekY4UexGs48DZJByJMHqfFZdkp44JEv09tH17SeBJY%2Be9qaSTMKnkdJJhpLh8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995d2a8e3a5e-FRA

GET
H3 200 site.js Show response
fr.buddysecret.com/public/js/ 41 KB
12 KB 122ms
117ms Script
text/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/public/js/site.js?v=20230213

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d5c58353f0d90f2bf4392b2418d8aa06ee483645f48e4b34b0086bb46aa5d48

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-173-web
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 509868
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: W/"b6e39-a5bc-5f4a3952aa5c0-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xIDGHONZA%2F6sf9k6RfVVAcsfbLHncV6rvkgM7y2sk17RRipLqApjP5MvUjAdVIEYm7pY2%2FOQIgdDV2cB2IiRMbuvtlrT2Qtbkc2%2BlGxck78e8QKHOde5iTLXV5yXc34p2TSqjWpyme4czsHYcKFjZQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995d2a8f3a5e-FRA

GET
H2 200 html2canvas.min.js Show response
cdnjs.cloudflare.com/ajax/libs/html2canvas/0.4.1/ 36 KB
11 KB 77ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/html2canvas/0.4.1/html2canvas.min.js

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

737473b145a0fb2d97963ba71104b42ea59d434e17d43de3db67ddffc24200ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 350006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11066
last-modified: Mon, 04 May 2020 16:11:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9d-9079"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwYiOz1C%2BJDGdVrc0wGpDaRUCkIu3xkdPSNz3xbMJnWlAVYDf4GS9h949MysdRwx3VoPNbTjk4asUArydKiA0%2BDeGgoSGlJ83cOKy9wGM%2FNPK8JQOJI6KN74t3oy78Yt81OjMfGjGUwdhF4t8wAcuaOk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bb7995d79a72bd6-FRA
expires: Wed, 10 Apr 2024 18:13:06 GMT

GET
H2 200 canvas2image.js Show response
superal.github.io/canvas2image/ 8 KB
3 KB 87ms
21ms Script
application/javascript 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://superal.github.io/canvas2image/canvas2image.js
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 9a03674bfe83fe09eee7aae6106943918be73a009be21468c2bdb1b4ce958fdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-fastly-request-id: b46b9c49afe8970e6181479c177f66dd8172d743
date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 2
age: 539
x-cache: HIT
x-proxy-cache: MISS
content-length: 2514
x-served-by: cache-hhn-etou8220054-HHN
last-modified: Thu, 27 Oct 2016 14:01:12 GMT
server: GitHub.com
x-github-request-id: 2D00:96F7:1EA959B:2A17E0E:64223256
x-timer: S1682100787.809310,VS0,VE0
etag: W/"581208a8-1fcf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Tue, 28 Mar 2023 00:28:30 GMT

GET
H3 200 augusta.js Show response
fr.buddysecret.com/detroitchicago/ 2 KB
2 KB 144ms
138ms Script
application/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/detroitchicago/augusta.js?cb=24
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Feb 2023 15:05:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6836867
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVJfRs19oVxhpsHHpQDAnayPkRDTMWxR7N%2Fre8f3eew9N2e%2FfB%2BlJwDrO0kJniUvwfiovl0lj%2FWKgCCb2bSOC3kGcM%2F0Zn3EzbSl1nDKSMq3UzM6QLrY2tg6mR8rCsOY2fJylbAXOXeZKA%2B7XNMhncU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7bb7995d2aa23a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 banger.js Show response
fr.buddysecret.com/porpoiseant/ 55 KB
15 KB 144ms
138ms Script
application/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/porpoiseant/banger.js?cb=195-1&bv=213&v=74&PageSpeed=off
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ad2136726a866de6e7229643298d402133c65f3fa775d6cda843b543ed2296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 07:35:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 38269
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sJanS05khM1NsH%2BvFwNgtSJhhoHzRwbJNpkwivnAySfGxASf%2FYyoijvNYxW40nP7%2FkjPdxFUAyo7bhVjJIB9ugM9y4H2e0FG1%2FxQlT9BX1Cz3aU%2Fko4Z5HxdD1pW5JIYGCneyrSQ02M%2Bb7vciihjDU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7bb7995d2aa43a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 226 KB
56 KB 97ms
30ms Script
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/edmontonalberta/calgary.js?cb=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 17:40:12 GMT
content-encoding: gzip
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 20:25:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, PRG50-C1
age: 1975
x-amz-server-side-encryption: AES256
etag: W/"d0373f28cbce103f094bc2631a9c8dd5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: dzvM8FeX9JCtsIGkgPIus1BiEjqirU1tFrNR8CbGWJh3xhRVbcJqWQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
68 KB 139ms
75ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MBZ4PJR

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49656e03f6fbfdc8fce3e83ef3b7fd4710faeb7a1796274e7bc45f379218e55a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69808
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 18:13:06 GMT

GET
H2 200 __pmon.min.js Show response
p2e9r4n9.stackpathcdn.com/ 19 KB
6 KB 119ms
22ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://p2e9r4n9.stackpathcdn.com/__pmon.min.js
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: fd15dccc78b33bb29115461ac9504869f4af29b5bdc93111b8ecff5d58469206

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 13:58:37 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "4ba3-5d9c97e7e3e1f-gzip"
x-hw: 1682100786.cds331.fr8.hn,1682100786.cds324.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 6398

GET
H3 200 cmbv2.js Show response
fr.buddysecret.com/detroitchicago/ 54 KB
16 KB 144ms
139ms Script
application/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/detroitchicago/cmbv2.js?gcb=195-1&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61&abt=VignetteAnchor
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ebbc6efa9afa687a96ec1e33fa5c8f227c28d21142edb5692e395f932eefd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 18:13:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VI7GMMq1uBPhfHzoR6PsIM3jobaKmwsZYW19zMYht%2FHv%2FEqzgbFYZfgr6K5p0%2BC873uPIUxHgbZ8jluKS6Ltnh5Os78P2Upqm8D6uDVkxeXHq4Ugon%2BdiSxA%2BlUldLEDAEuqjS3LsbRGWd1QnkLmrA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7bb7995d2aa63a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/ 400 KB
124 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 15:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11401
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126857
x-xss-protection: 0
server: cafe
etag: 11988808581808118609
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Apr 2024 15:03:05 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
468 B 113ms
56ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fr.buddysecret.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a30b3c4468e6cb64aefdf6b3056e4d5a5ba3f3a44b376261be54e7b567066f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 443
x-xss-protection: 0
expires: Fri, 21 Apr 2023 18:13:06 GMT

GET
H3 200 kenai.js Show response
fr.buddysecret.com/detroitchicago/ 3 KB
2 KB 43ms
28ms Script
application/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/detroitchicago/kenai.js?gcb=1&cb=5
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 19:18:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1292101
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl2SLTCaI2TEraLplzekgsRxivIzp3Wy%2Fk1CwccDiLQwpSR4E5BKo5uGJTERnwvG3gQs868OIVO9Ue51%2FsV1J%2F32PZocGDbQAN8RTr7YdsxyCCDhiqnLV2EsOG8yKwL%2BqK79nAqYAMly%2BIINU7i%2BNeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7bb7995e1b993a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 portland.js Show response
fr.buddysecret.com/detroitchicago/ 29 KB
10 KB 44ms
30ms Script
application/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/detroitchicago/portland.js?gcb=1&cb=2
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93df6b932f78a94beb1a9aaf63e733e4969724b68bae11e4b60d8cb8ce4ff3ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Apr 2023 06:05:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 216449
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWvD2YHAJGk%2B5XLvswj7oIvTlb9juVrdI0Ji5IDUMtplAQYHAtXUWfN2QCofgRCd7iBwVS11fbtZI2vhMZ1dEPE5gZUL%2FI8ESP2YJt0pv9kSB%2Bq82%2BgWs56FWEYdla%2FDCG22WD9lUJmFEcl15M%2FlDLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7bb7995e1b9c3a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 147ms
136ms XHR
application/json 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffr.buddysecret.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: Server /
Resource Hash: c044a3c9cdb186fb83cea1eeb7cf8ee76e0e084835c45cead97e96c855f8d857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://fr.buddysecret.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1639
x-amz-cf-id: V375O895ax5Nwst1roqbq3QowtHkDFtV8h3Jw_deffi0z86tkNJ7Jw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
466 B 163ms
84ms XHR
text/javascript 65.9.99.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&pid=WtRqWCmc8HZ1X&cb=0&ws=1600x1200&v=23.414.2006&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-buddysecret_com-medrectangle-2-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C38924784%2Fbuddysecret_com-medrectangle-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-buddysecret_com-medrectangle-1-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C38924784%2Fbuddysecret_com-medrectangle-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-buddysecret_com-box-2-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C38924784%2Fbuddysecret_com-box-2%22%7D%5D&schain=1.0%2C1!ezoic.ai%2C4e1d5fb3543b3ffc7def7391eed7e716%2C1%2C%2C%2Cfr.buddysecret.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.99.209 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-99-209.prg50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
x-amz-rid: XGDFF2APH7YQFCKTAAQW
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://fr.buddysecret.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: DXpk9yAHwIaqVZswG5D3QANrq66Jj-fsRQsyez6QcINtgFAoKKHHnw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 110ms
50ms XHR
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 07:16:38 GMT
x-amz-version-id: BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding: gzip
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 39389
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 13 Apr 2023 22:29:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: XF3uBfDnWJwj5jYm19hqUlBdQwnqDWyEvnmWo2an9-vxZBppYJ9Iqw==

GET
H3 200 GoUX Show response
fr.buddysecret.com/s/other-user-stats/ 765 B
927 B 488ms
487ms XHR
text/html 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.buddysecret.com/s/other-user-stats/GoUX

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/public/js/angular.js?v=20230213

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d25bd5330cd688c4b04c5c661a1f043121df76a2577ecda3bb00411e006831bc

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

Accept: application/json, text/plain, */*
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi--web
date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-sol: pub_site
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pagespeed: off
response: 200
server: cloudflare
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcQMDGiltOLtdtMM6sZsviz%2BmacJTVDpKYeH%2Bff4GKyYcon9%2B1wn0SC16AAJuvR2AGW30MRF12Un22l92s6m3gkD3AoX7ztcKras294o2xrClmIrbHnZOe7ajy8dUfKNx7HNE73ltyfHRGEYchhE2IY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7bb7995e4bd33a5e-FRA
expires: Thu, 20 Apr 2023 18:13:07 GMT

GET
H3 200 paper_background.png
fr.buddysecret.com/public/images/surpriseforu/ 34 KB
35 KB 31ms
31ms Image
image/webp 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/surpriseforu/paper_background.png

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/public/css/surpriseforu/style.css?v=20230214

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aafc9e6058700946b019027e9e9e91eb67624597b8431b03cc82f0f928dd8184

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/public/css/surpriseforu/style.css?v=20230214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-179-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1642636
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ezoic-excludewebp: false
response: 200
last-modified: Wed, 29 Mar 2023 21:34:36 GMT
server: cloudflare
etag: W/"b8d3c-10c370-5bcb218b0e500-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWfV5MkfJd2vj2c%2FO8YsCiiPd5kO3qa96BudWA1qY4ddvI1MXA8ynikxYP%2BCppSrHi85JcW%2BuHpwAH6ITjGaEgFZZr5BNqCMje5SXGGwt7%2BDyPyoSpPEwI7D7jyLlfiBA6Nve%2FC5dO%2BrndAW76G1BtI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995e4bdd3a5e-FRA

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 79ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fr.buddysecret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:03:35 GMT
x-content-type-options: nosniff
age: 133771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 05:03:35 GMT

GET
H3 200 hearts.png
fr.buddysecret.com/public/images/surpriseforu/ 4 KB
5 KB 33ms
32ms Image
image/webp 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/surpriseforu/hearts.png

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/public/css/surpriseforu/style.css?v=20230214

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e7b6899a0cbdbc2cc8e515dfc379b3f6814c9d51c4f2ceae30ef275c61c3f8

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/public/css/surpriseforu/style.css?v=20230214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-242-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1292100
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ezoic-excludewebp: false
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"b8d2e-11ff-5bcb218b0e500-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9H91%2B0Jrv8ZuTyK%2BFjTKE97pdYNNyfJThqZthJTwIzYOogLf%2FGXfdBZd6jXNJAC0wdGFtT%2B62lDfDEfPAZFf%2B5kDeyRO1ku%2FinAgOMHJwtNsRLa1gV7%2FyZvrsmWV1xab4CbnrJw3plFa6oJJdzgT08%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995e5bf03a5e-FRA

GET
H3 200 tape.png
fr.buddysecret.com/public/images/surpriseforu/ 7 KB
8 KB 30ms
29ms Image
image/webp 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/surpriseforu/tape.png

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/public/css/surpriseforu/style.css?v=20230214

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f53061fe431368a06c0fd0136e468828f0a9bfd612e87e1161b7856d84bb9e1c

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/public/css/surpriseforu/style.css?v=20230214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-225-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1111195
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ezoic-excludewebp: false
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"b8b47-3644-5c857574e1c00-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6r7D6vG4Da3H8IIoZz0aBOU0VxJlgMiS6VfglIjkLUk3lklgReOWg52Caoj3EpLpOuIQJ%2FgQmH2FrW531%2FdwSaCBRdwMCkx4Ybb%2FNrHOvlrotomU8M%2Fkw8g5unpXs7zPZw7kHNwCORTXVeoDk%2BcF%2Fs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995e5bf43a5e-FRA

GET
H3 200 left_leave.png
fr.buddysecret.com/public/images/surpriseforu/ 4 KB
4 KB 30ms
29ms Image
image/webp 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/surpriseforu/left_leave.png

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/public/css/surpriseforu/style.css?v=20230214

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

391fb956aa4dc55504f7aaefe02f05a4fb953c78cb797e1b27bba548cbabeea8

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/public/css/surpriseforu/style.css?v=20230214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-94-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1280915
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ezoic-excludewebp: false
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"b8d34-1635-5bcb218b0e500-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0Zpc2ixt74%2F09SdnWwl3FQUBRmJfBOfgy%2B3MrbUuVjhvUMbu1F4shzLpAI4ONU20HdtJC6ldnyF8wU8fjvEpUpcU1%2BniG%2B8AIiItZPkqHHDRm%2BXKdvuDFwyy35CjsEUtF2VZpWTCbKWnQjs5Lk2kEc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995e5bf53a5e-FRA

GET
H3 200 right_leave.png
fr.buddysecret.com/public/images/surpriseforu/ 4 KB
4 KB 31ms
30ms Image
image/webp 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fr.buddysecret.com/public/images/surpriseforu/right_leave.png

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/public/css/surpriseforu/style.css?v=20230214

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4aa3f6707f926cbe074217b19c4196f9aa4ae5e3f7ec62d59ee92a6a34bfcdf3

Security Headers

Name	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/public/css/surpriseforu/style.css?v=20230214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server-host: as-hi-183-web
date: Fri, 21 Apr 2023 18:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1280915
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ezoic-excludewebp: false
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"b8d3d-1699-5bcb218b0e500-gzip"
vary: Accept-Encoding,Origin
x-frame-options: ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zP2UOPgS537qwNHpQa%2BnvBpbuoHZegX1LjjTUzg25ylueC%2F%2FghqzAr6nbgiqJNZGdcCbMlBUfWwoo9LMewK3RVfCLyhxFweD68%2FNdfCxcunyb%2F00KPhHLoi3xXZ0utKcyH6LE0HGbqyggHNwqxc1RMw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7bb7995e5bf73a5e-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-21EKGFLRB3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126527512-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd427c943f75e9fa448236af731060b18c43b0067cf945aa1422f35349d4730d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80701
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 18:13:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-192512597-5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126527512-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c27f8b7209c6041966d66b09c1f220bcb7c29078340427cb2b5c16de7f0cdd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45133
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 18:13:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
28ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126527512-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 16:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6322
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 21 Apr 2023 18:27:45 GMT

OPTIONS
H2 200 /
basher.ezodn.com/ Frame 0
0 107ms
33ms Preflight
application/json 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=319217&bf=160&dc=1254144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://fr.buddysecret.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://fr.buddysecret.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 7bb7995f99c72c20-FRA
content-length: 0
content-type: application/json
date: Fri, 21 Apr 2023 18:13:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1uiTxwDpVGjFLC5PaLRLOLPNUignADiC0zgjqRCEhu46SqfaMtGJyubgHm80tkELdq%2Bw0EQP6WroTGEHdt1VAsh%2BtwM18DbQrUIhs4vnSCaLviaPv22ejETG%2F8oXda%2FxxdJ%2BfnVFahVC%2B6%2BTbvL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 / Show response
basher.ezodn.com/ 3 KB
2 KB 30ms
28ms XHR
application/json 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=319217&bf=160&dc=1254144
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/porpoiseant/banger.js?cb=195-1&bv=213&v=74&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec8261e5e156d489a1e3aef3310486bc484e13c69f74b664469cb11ced53b94

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
vary: Origin, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://fr.buddysecret.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRxiKcRVTkIqkXDCoJrE1pcNCjiZuzfycSOEOvhsYXG8XF8kWFQYNJOejSvtY%2BslargCpVyN%2BwvN%2BUXMh0CwkRoqXKeKNSyrjiFt%2B82r2O8LFN8OwVGQk%2B4i3JH7AyfDGayFa0CgvyuHA%2BpS5gTV"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=84400
cf-ray: 7bb7995fca632c20-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 imp.gif
fr.buddysecret.com/detroitchicago/ 43 B
657 B 34ms
34ms Ping
image/gif 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod81%22%2C%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A-1%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C5%2C4%2C1%22%2C%22adx_ad_count%22%3A3%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A2%2C%22domain_id%22%3A319217%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A2%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1143%2C1145%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2228e25fe7-e346-41bd-7c61-352495f5b5ca%22%2C%22position_selection_id%22%3A46%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A28960%2C%22response_time_orig%22%3A550%2C%22serverid%22%3A%22i-059f484a7343a4284%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1143%2C1145%22%2C%22t_epoch%22%3A1682100785%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A139%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/detroitchicago/cmbv2.js?gcb=195-1&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61&abt=VignetteAnchor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display: imp_sol
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://fr.buddysecret.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krLU1wBbDCsfNnJQ1ZmNHmckRMUmDxld1lGaloQzQnDX%2FRpbqRERFlTP5OGzFGl8MipY9yd7%2B3DhH5uUC%2FiI7zB%2FfpC%2Bv1ePO2YN2JR2CMo4TRQMzWYrymr9W8SnMRQVlIUBnboNf7vanqkDF0A4MFo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
cf-ray: 7bb7995f2cf63a5e-FRA
access-control-allow-headers: Content-Type
expires: Thu, 20 Apr 2023 18:13:06 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 115ms
22ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/detroitchicago/cmbv2.js?gcb=195-1&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61&abt=VignetteAnchor
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 28 Apr 2023 18:13:07 GMT

GET
H3 200 cmbdv2.js Show response
fr.buddysecret.com/detroitchicago/ 41 KB
11 KB 53ms
53ms Script
application/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/detroitchicago/cmbdv2.js?gcb=195-1&cb=03-8y0c-6y1c-5y62-22&cmbcb=136&sj=x03x0cx1cx62&abt=VignetteAnchor
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0f424f15622aec46cd0f910c28a20e70c5c9f50d6ef5289d169e91bdd3bd154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 18:13:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zC6e3Ib69e%2BMOm3PFsbfTwjXot5bAxExqxfwgbklaAs%2BrxUKJhkbsaiULq7%2Fx4PevE%2F8TMHns1crgDwkjfkyFaHRRmioP7f1YmyoA2UdqjXbbN5WQ%2BWat34P4dhTcJrBFnMFRWXt5mTnQ0Bo7bgm3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
cf-ray: 7bb7995f2cf83a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304100102/ 345 KB
116 KB 126ms
80ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304100102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9369680060196134&plah=fr.buddysecret.com&bust=31074009

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9369680060196134

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4363c1d5715cf9b10961b9154d3c1a874f68126bc4e9c390538eeb03f4a2b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118244
x-xss-protection: 0
server: cafe
etag: 7687226010229374876
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 18:13:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame 3C96 10 KB
5 KB 78ms
22ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9369680060196134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.buddysecret.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14669
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 14:08:38 GMT
etag: 2378337311435320485
expires: Fri, 05 May 2023 14:08:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 87ms
30ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fr.buddysecret.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 88ms
29ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fr.buddysecret.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
623 B 552ms
552ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3276802629404479&correlator=841005751842776&eid=31068366%2C44777898%2C21065725&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=1254144%3A38924784%2Cbuddysecret_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=207463532&didk=524494701&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D2466035835089019%26eid%3D2466035835089019%26t%3D134%26d%3D319217%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod81%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbuddysecret_com-medrectangle-2-2466035835089019%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D54%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C192%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C1893%2C4769%2C4769%2C4769%2C4769%2C4751%2C5136%2C774&eri=1&cust_params=amznbid%3D1%26amznp%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1682100787132&lmt=1682100787&dlt=1682100786623&idt=384&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=646057354.1682100787&ga_sid=1682100787&ga_hid=2109915687&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6287576091d784878dc0c6e239d5b80ec220adaef7fa014a8802c26a27064d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 593
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
04958da7d73d3e9367b55474a062b31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F76 6 KB
3 KB 139ms
31ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://04958da7d73d3e9367b55474a062b31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.buddysecret.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 18:13:07 GMT
expires: Sat, 20 Apr 2024 18:13:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://btloader.com/tag?aax_id=AAX65WOCF&upapi=true
https://btloader.com/tag?o=5112081056530432&upapi=true

223 KB
44 KB

43ms
43ms

Script
application/javascript

2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5112081056530432&upapi=true
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H2
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d55e7ae0474f0126993fecddca13a26b10b027baacc716b6d356bdce8f9619a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 17:59:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 784
etag: W/"dabd54d0962d2a79a3e03f33b0ebae88"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1vnXJhcyNaMph5hKiG%2BTEyE8EDc91vgW61NnFZpnUVHlW1fjM2DD3vGdeuyBgIkQbEv4SaUUKiiwi1bR85APGzpZXqIAyFdoppYQPLztjpQ7RGWT6dmEbror40vhqwstZmyvQ2MQW4UiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7bb79960be7d698b-FRA

Redirect headers

date: Fri, 21 Apr 2023 18:13:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kbd1MTbFASmBMM9d8uhodb3PAjGL205sIp6bxazedBP4yUlvjvwaKdhZu5eUdkCwhZQI4oISt70BwjGzPtZeic3SYWAdiRnXp2BKekwvePo2%2F523jgPKDQgvjA9K%2FFACv6Oi%2BD%2FWf0HSHA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?o=5112081056530432&upapi=true
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7bb799600dd9698b-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 101ms
34ms Script
application/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&ref=&_it=amazon&partner_id=524
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
server: cloudflare
x-amz-request-id: TC75RB0KRRP8NTXT
age: 374
etag: W/"2280e2148e4ee3c06f679f8fac039778"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7bb799602e886921-FRA
x-amz-id-2: tLisjgGnjFNgXFmNzCleIC1ScWAkgar/yal8BV1iI+YAX2kT+5EHWz67/yHvAUJpLxxzRZ7ivV0=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 101ms
35ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: E6MT7PBY6EQKW5AR
age: 2545
etag: W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7bb799602a3a085a-FRA
x-amz-id-2: u1WrkdVVFEoTU6YrngHfFr6RftQN5a9M9DWspimxQwoXV19NUExvqPZUarqq+rvOUt0FQM2HyI0=

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
450 B 117ms
115ms XHR
text/plain 35.168.115.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.115.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-115-78.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 18:13:07 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 365ms
116ms Preflight 35.168.115.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.115.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-115-78.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fr.buddysecret.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 21 Apr 2023 18:13:07 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 dip.html Show response
pfx.api.botman.ninja/ 55 B
479 B 337ms
109ms XHR
text/html 5.161.35.131
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pfx.api.botman.ninja/dip.html?ak=f8fe1ae5c2968a9d211e3fdad4e6be1ede137ae5&m=PFX&module=JSTAG&f=SCR&vis=8&ifp=0&burl=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&uq=JBBzVU7YNqE6&ac=null&purl=&ih=1200&iw=1600&ow=1600&oh=1200&plf=Win32&cpu=undefined&lst=234lj4kl4dXfsDfkJitY323f6d3&aver=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/112.0.5615.121%20Safari/537.36&uagt=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&cen=UTF-8&aname=Netscape&acod=Mozilla&cd=24&zi=undefined&nlang=en-US&ndrv=false&win=true&dnt=8&hco=4&plg=true&layer=0&nmt=0&nbo=Etc/Unknown&fsa=false&ch=1200&cw=1600&sh=1200&sw=1600&bld=24&actv=visible&acc=Intel%20Iris%20OpenGL%20Engine&gyro=undefined&pop=false&brl=0&brt=1663.515625&brh=2&brb=1665.515625&als=Intel%20Inc.&cam=undefined&bt=undefined&ce=true&dlmax=9.4&ntype=4g&ofw=2&ofh=2&s1=NA&s2=NA&s3=NA&s4=NA&s5=NA&s6=NA&hless=false&s7=NA&s8=NA&s9=NA&s10=NA&s11=NA&s12=NA&s13=NA&s14=NA&s15=NA&s16=NA&s17=NA&s18=NA&s19=NA&s20=NA
Requested by: Host: p2e9r4n9.stackpathcdn.com
URL: https://p2e9r4n9.stackpathcdn.com/__pmon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.35.131 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.131.35.161.5.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9a73ec51d0e62c2fdb04d631b841b43d1d61a18fd1c09ffc243db565ef05bbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: gzip
last-modified: Mon, 08 Aug 2022 12:51:27 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62f106cf-37"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 22 Apr 2023 18:13:07 GMT

GET
H3 200 nmash.js
fr.buddysecret.com/porpoiseant/ 21 KB
7 KB 55ms
55ms Other
application/javascript 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/porpoiseant/nmash.js?v=213
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47176ade966a9ffbf425d7d9d0cfe693da4ae96cb8300da77e288039b2f130ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 21 Apr 2023 18:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2UIomaW0u9Q0DvNIssUxyJY%2BsQR56wtDKrLwMw2bcnblCEiWC%2BrBdXpao7Hc5fc8CKep9KTah3t0dDCyBT7Wn%2BFiCoePSCVFoUZm4JD4I2U0l%2FWTkPF4Ob%2BtDkzU9LFbQopkqxm8ZHUaiF18oqrG%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=0, public
x-robots-tag: noindex
cf-ray: 7bb7995ffe1c3a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 95ms
94ms Fetch
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

750f95992d17dff3f50f16c3b15a8afeda7e3fd6d0d8c9d9518d6132a4731a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47774
x-xss-protection: 0
server: cafe
etag: 2375118463129805839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 18:13:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
84 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9QKBNZJYL1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBZ4PJR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e802bffc7a419ab8f40bfbb3c021fdc2eead1d719e0ba1a726bbed3fddd5cc47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86461
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 18:13:07 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 83ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-21EKGFLRB3&gtm=45je34j0&_p=2109915687&cid=646057354.1682100787&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682100787&sct=1&seg=0&dl=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&dt=Journal%20de%20l%27amiti%C3%A9%202023%20!%20Invite%20tes%20ami(e)s%20%C3%A0%20%C3%A9crire%20dans%20ton%20journal%20intime%20maintenant.&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-21EKGFLRB3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 81ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-21EKGFLRB3&gtm=45je34j0&_p=2109915687&cid=646057354.1682100787&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1682100787&sct=1&seg=0&dl=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&dt=Journal%20de%20l%27amiti%C3%A9%202023%20!%20Invite%20tes%20ami(e)s%20%C3%A0%20%C3%A9crire%20dans%20ton%20journal%20intime%20maintenant.&en=userf%20-%20instruction%20page&_c=1&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-21EKGFLRB3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 29ms
28ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2109915687&t=pageview&_s=1&dl=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&ul=en-us&de=UTF-8&dt=Journal%20de%20l%27amiti%C3%A9%202023%20!%20Invite%20tes%20ami(e)s%20%C3%A0%20%C3%A9crire%20dans%20ton%20journal%20intime%20maintenant.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=40219577&gjid=255959743&cid=646057354.1682100787&tid=UA-126527512-14&_gid=1592094313.1682100787&_r=1&gtm=457e34j0&jsscut=1&z=99022112

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 28ms
27ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2109915687&t=pageview&_s=1&dl=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&ul=en-us&de=UTF-8&dt=Journal%20de%20l%27amiti%C3%A9%202023%20!%20Invite%20tes%20ami(e)s%20%C3%A0%20%C3%A9crire%20dans%20ton%20journal%20intime%20maintenant.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1354652008&gjid=1309303828&cid=646057354.1682100787&tid=UA-192512597-5&_gid=1592094313.1682100787&_r=1&gtm=457e34j0&jsscut=1&z=1481932337

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 30ms
30ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2109915687&t=pageview&_s=1&dl=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&ul=en-us&de=UTF-8&dt=Journal%20de%20l%27amiti%C3%A9%202023%20!%20Invite%20tes%20ami(e)s%20%C3%A0%20%C3%A9crire%20dans%20ton%20journal%20intime%20maintenant.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1705717875&gjid=177020464&cid=646057354.1682100787&tid=UA-126527512-43&_gid=1592094313.1682100787&_r=1&_slc=1&gtm=45He34j0n81MBZ4PJR&z=1747572162

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 29ms
28ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2109915687&t=event&ni=0&_s=1&dl=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&ul=en-us&de=UTF-8&dt=Journal%20de%20l%27amiti%C3%A9%202023%20!%20Invite%20tes%20ami(e)s%20%C3%A0%20%C3%A9crire%20dans%20ton%20journal%20intime%20maintenant.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Pageview&ea=Visit&_u=YADAAUABAAAAACAAI~&jid=2096043208&gjid=1107642431&cid=646057354.1682100787&tid=UA-126527512-14&_gid=1592094313.1682100787&_r=1&gtm=45He34j0n81MBZ4PJR&z=698655751

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
111 B 28ms
28ms Ping
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 160 B
633 B 106ms
26ms Script
application/javascript 2600:9000:2127:f800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:f800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 17:44:53 GMT
via: 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:41:49 GMT
server: AmazonS3
etag: "af15ecfe46737cb2a37226fd060f23a6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: WF7Wc1CDpeaVZJf1NKFbPm_ujmKbs5njLZqheFJpFPhf13AyjH9ThA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 87ms
29ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-126527512-14&cid=646057354.1682100787&jid=40219577&gjid=255959743&_gid=1592094313.1682100787&_u=YADAAUAAAAAAACAAI~&z=1884930554

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 100 B
290 B 115ms
114ms XHR
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=524&sync=0&domain=fr.buddysecret.com&url=https://fr.buddysecret.com/s/sync-quiz/GoUX
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&ref=&_it=amazon&partner_id=524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470afce88298dfb1c18f2339b0acdfbe0a19ee18e4e3c4cb599595b339acaff4

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 7bb799621bee0493-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 188ms
116ms Preflight
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=524&sync=0&domain=fr.buddysecret.com&url=https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fr.buddysecret.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7bb799615ac40493-FRA
content-length: 0
content-type: application/json
date: Fri, 21 Apr 2023 18:13:07 GMT
debug: OPTIONS block
expires: Sat, 20 Apr 2024 18:13:07 GMT
server: cloudflare

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 84ms
28ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-126527512-43&cid=646057354.1682100787&jid=1705717875&gjid=177020464&_gid=1592094313.1682100787&_u=YADAAUABAAAAACAAI~&z=956428716

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 81ms
29ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-126527512-14&cid=646057354.1682100787&jid=2096043208&gjid=1107642431&_gid=1592094313.1682100787&_u=YADAAUABAAAAACAAI~&z=946541837

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
405 B 78ms
24ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

c0473b1fce4e4ad563a5c91daec07a4d9e211f7ebc776af3da0c707a840b084c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fr.buddysecret.com
date: Fri, 21 Apr 2023 18:13:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 32ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9QKBNZJYL1&gtm=45je34j0&_p=2109915687&_gaz=1&cid=646057354.1682100787&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1682100787&sct=1&seg=0&dl=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&dt=Journal%20de%20l%27amiti%C3%A9%202023%20!%20Invite%20tes%20ami(e)s%20%C3%A0%20%C3%A9crire%20dans%20ton%20journal%20intime%20maintenant.&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9QKBNZJYL1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 50ms
29ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9QKBNZJYL1&cid=646057354.1682100787&gtm=45je34j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9QKBNZJYL1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 111ms
58ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9QKBNZJYL1&cid=646057354.1682100787&gtm=45je34j0&aip=1&z=1961938260

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 31ms
31ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fr.buddysecret.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 29ms
29ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fr.buddysecret.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
646 B 764ms
764ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3276802629404479&correlator=3265337190406640&eid=31068366%2C44777898%2C21065725&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=1254144%3A38924784%2Cbuddysecret_com-box-2%2Cbuddysecret_com-medrectangle-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C320x50%7C336x280%7C728x90%7C320x50%7C468x60%7C234x60&fluid=0%2Cheight&ifi=3&adks=1171769993%2C1867912623&didk=1004092366~524493760&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D8716160631095128%26eid%3D8716160631095128%26t%3D134%26d%3D319217%26t1%3D134%26pvc%3D0%26ap%3D1143%26sap%3D1143%26as%3Drevenue%26plat%3D1%26bra%3Dmod81%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dbuddysecret_com-box-2-8716160631095128%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D54%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D179%2C168%2C0%2C67%2C0%2C131%2C196%2C0%2C192%2C209%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C1893%2C4769%2C4769%2C4769%2C4769%2C4751%2C5136%2C774%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C0%257C%26iid1%3D1917328407114056%26eid%3D1917328407114056%26t%3D134%26d%3D319217%26t1%3D134%26pvc%3D0%26ap%3D1145%26sap%3D1145%26as%3Drevenue%26plat%3D1%26bra%3Dmod81%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dbuddysecret_com-medrectangle-1-1917328407114056%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D54%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C67%2C0%2C131%2C153%2C0%2C192%2C209%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C815%2C817%2C899%2C903%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C1893%2C4769%2C4769%2C4769%2C4769%2C4751%2C5136%2C774%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682100787399&lmt=1682100787&dlt=1682100786623&idt=384&adxs=650%2C456&adys=107%2C1088&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&frm=20&vis=1&psz=688x250%7C688x280&msz=300x250%7C688x280&fws=4%2C4&ohw=748%2C748&ga_vid=646057354.1682100787&ga_sid=1682100787&ga_hid=2109915687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2e14ccee9e55749b28f11a4cc0f8b29256e58f628820e224b926828256b0a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 616
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
609 B 94ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fr.buddysecret.com&callback=_gfp_s_&client=ca-pub-9369680060196134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304100102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9369680060196134&plah=fr.buddysecret.com&bust=31074009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b20c516247746f05238e45bdcd96aa0111c7d2d70e538b1ab885a01f081ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=ez-cookie-banner&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 108ms
58ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-126527512-14&cid=646057354.1682100787&jid=40219577&_u=YADAAUAAAAAAACAAI~&z=348964567

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 93ms
92ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-126527512-14&cid=646057354.1682100787&jid=40219577&_u=YADAAUAAAAAAACAAI~&z=348964567

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 110ms
60ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-126527512-43&cid=646057354.1682100787&jid=1705717875&_u=YADAAUABAAAAACAAI~&z=559736101

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 60ms
58ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-126527512-43&cid=646057354.1682100787&jid=1705717875&_u=YADAAUABAAAAACAAI~&z=559736101

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 142ms
93ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-126527512-14&cid=646057354.1682100787&jid=2096043208&_u=YADAAUABAAAAACAAI~&z=39821808

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 94ms
94ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-126527512-14&cid=646057354.1682100787&jid=2096043208&_u=YADAAUABAAAAACAAI~&z=39821808

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 215 B
627 B 90ms
25ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

240e1ebc0ff91ce6cbf865b3fb321d5f7a110783d9e3fcf50888cc3272446fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fr.buddysecret.com
date: Fri, 21 Apr 2023 18:13:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 px.gif
ad-delivery.net/ 43 B
867 B 79ms
28ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345147
x-guploader-uploadid: ADPycdv8qge5fWlwp9rZXF6LbyExXl2o9Iy5jHQbOEZ0qlQxv_isrzPT7gE5TvR4yPQIXKy-veOtsiFQ4Jd5X0X9m6yejQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWKYVif8WdQMYJ6CxZEJ7zChM%2FnYCtovAoCEUJuFs59GxPmxKgX9eHM5NtYJS0yWscF%2B0tGQlkfvp8YXw3mKXTb5%2FMCxlW1awVUmCZZ4iaZ%2BxXllE3RQPBFGpDqfvVNRmdB41Rb8ccB7zhWCYA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7bb79961ebbb37d1-FRA
expires: Mon, 17 Apr 2023 19:20:40 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 93ms
23ms Image
image/x-icon 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 03:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 03:18:36 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 80ms
29ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7167780825507244
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345147
x-guploader-uploadid: ADPycdv8qge5fWlwp9rZXF6LbyExXl2o9Iy5jHQbOEZ0qlQxv_isrzPT7gE5TvR4yPQIXKy-veOtsiFQ4Jd5X0X9m6yejQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhFD4fuxYqHe64Be6m%2BFR%2B13W6y0CSdBz%2FsTpPdSJd%2BFi1ZgnP8AZN7phiI50vqjwZ65KWvEk8C0fDKDiayuhgqXcLkUq99YZiJbicBMeIPEOcyzlDUrlSCSXOdvGKmeK7wYNNPbc8VLBPCRwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7bb79961ebbc37d1-FRA
expires: Mon, 17 Apr 2023 19:20:40 GMT

GET
H2 200 pixel;r=126509021;labels=Domain.buddysecret_com%2CDomainId.319217;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX;uht=2;fpan=1;fpa=P0-621340887-1682100787330;pbc=...
pixel.quantserve.com/ 35 B
371 B 36ms
21ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=126509021;labels=Domain.buddysecret_com%2CDomainId.319217;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX;uht=2;fpan=1;fpa=P0-621340887-1682100787330;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=buddysecret.com;dst=0;et=1682100787449;tzo=0;ogl=site_name.https%3A%2F%2Ffr%252Ebuddysecret%252Ecom%2Curl.https%3A%2F%2Ffr%252Ebuddysecret%252Ecom%2Fs%2Fsync-quiz%2FGoUX%2Ctitle.Journal%20de%20l'amiti%C3%A9%20de%20Theo%202023%20!%2Cdescription.Accepte%20cette%20invitation%20exclusive%20%C3%A0%20%C3%A9crire%20dans%20mon%20Journal%20de%20lamiti%C3%A9%20!%2Ctype.website%2Cimage.https%3A%2F%2Fimg%252Eholaquiz%252Ecom%2Fpublic%2Fsite_content%2Fquiz%2Fck_editor%2Fimages%2Fbuddysecret%2FF%2Cimage%3Atype.image%2Fjpeg%2Cimage%3Awidth.800%2Cimage%3Aheight.420;ses=38b75c15-4341-4ded-9d8b-2208ed6ed1d4

Requested by

Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/s/sync-quiz/GoUX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 183ms
132ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAX65WOCF&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 184ms
133ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=CUvnBnNb&w=4878799852797952&o=5112081056530432&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&sid=Op6rI2Rk&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAX65WOCF&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 18:13:07 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H3 204 greenoaks.gif
fr.buddysecret.com/detroitchicago/ 0
539 B 31ms
30ms Ping
text/plain 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOGUyNWZlNy1lMzQ2LTQxYmQtN2M2MS0zNTI0OTVmNWI1Y2EiLCJkb21haW5faWQiOiIzMTkyMTciLCJ0X2Vwb2NoIjoxNjgyMTAwNzg1LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMjhlMjVmZTctZTM0Ni00MWJkLTdjNjEtMzUyNDk1ZjViNWNhIiwiZG9tYWluX2lkIjoiMzE5MjE3IiwidF9lcG9jaCI6MTY4MjEwMDc4NSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDQtMjEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOGUyNWZlNy1lMzQ2LTQxYmQtN2M2MS0zNTI0OTVmNWI1Y2EiLCJkb21haW5faWQiOiIzMTkyMTciLCJ0X2Vwb2NoIjoxNjgyMTAwNzg1LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOGUyNWZlNy1lMzQ2LTQxYmQtN2M2MS0zNTI0OTVmNWI1Y2EiLCJkb21haW5faWQiOiIzMTkyMTciLCJ0X2Vwb2NoIjoxNjgyMTAwNzg1LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjI4ZTI1ZmU3LWUzNDYtNDFiZC03YzYxLTM1MjQ5NWY1YjVjYSIsImRvbWFpbl9pZCI6IjMxOTIxNyIsInRfZXBvY2giOjE2ODIxMDA3ODUsImRhdGEiOlt7Im5hbWUiOiJpc19hZF9ibG9ja2VkIiwidmFsIjoiZmFsc2UifV19XQ==
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/detroitchicago/cmbv2.js?gcb=195-1&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61&abt=VignetteAnchor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Bs6Lc88KBZhfkv6EJay8UOVXRe2nBN9xkcLznIklgNl1fTj6JJDq4gdcWbwKNXbpEv%2FvmhyG74PtqLoMNJfYtslps7bBmk4TdjYORpO0feLk%2Fi9YIHnC4XZiXCOpLhABN8lTjVkhRiDo0TUsNZIrDc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fr.buddysecret.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7bb7996269443a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 18:13:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 70ms
69ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98c187b13882e37aead12b7982ee7817d2f60b17d5d37a1495be8e34dcae93c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11369
x-xss-protection: 0

GET
H2 200 524 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 105ms
34ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/524?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&ref=&_it=amazon&partner_id=524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d59158a0670c02c5079b8c4c7dd8d7519c7d4d0c1ddee932940592ffdc781f25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 18:09:21 GMT
server: cloudflare
age: 226
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 7bb799634b23698f-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 97ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 18:13:07 GMT

POST
H3 204 greenoaks.gif
fr.buddysecret.com/detroitchicago/ 0
538 B 31ms
31ms Ping
text/plain 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOGUyNWZlNy1lMzQ2LTQxYmQtN2M2MS0zNTI0OTVmNWI1Y2EiLCJkb21haW5faWQiOiIzMTkyMTciLCJ0X2Vwb2NoIjoxNjgyMTAwNzg1LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjI4ZTI1ZmU3LWUzNDYtNDFiZC03YzYxLTM1MjQ5NWY1YjVjYSIsImRvbWFpbl9pZCI6IjMxOTIxNyIsInRfZXBvY2giOjE2ODIxMDA3ODUsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjcwIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiI3OTYifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjUifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMjc0In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMjk4In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6Ijk1MyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjI4ZTI1ZmU3LWUzNDYtNDFiZC03YzYxLTM1MjQ5NWY1YjVjYSIsImRvbWFpbl9pZCI6IjMxOTIxNyIsInRfZXBvY2giOjE2ODIxMDA3ODUsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjExODkifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOGUyNWZlNy1lMzQ2LTQxYmQtN2M2MS0zNTI0OTVmNWI1Y2EiLCJkb21haW5faWQiOiIzMTkyMTciLCJ0X2Vwb2NoIjoxNjgyMTAwNzg1LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjExODkifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOGUyNWZlNy1lMzQ2LTQxYmQtN2M2MS0zNTI0OTVmNWI1Y2EiLCJkb21haW5faWQiOiIzMTkyMTciLCJ0X2Vwb2NoIjoxNjgyMTAwNzg1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0=
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/detroitchicago/cmbv2.js?gcb=195-1&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61&abt=VignetteAnchor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mULFdF6oTVaqbjGTTllUugOA2Fi0JlSpG0fC0R73Zrs299c%2BCqU5oAHkFkKATESl8tRrCC771U959mpjevUtUKjbAvQ2RR24rpZHyJVE%2F4m%2FcJX%2BSTSOikjeBsPibO1YgameEkZ7RCshfXQyiim4cI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fr.buddysecret.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7bb799632a443a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 18:13:08 GMT

POST
H3 204 greenoaks.gif
fr.buddysecret.com/detroitchicago/ 0
541 B 34ms
33ms Ping
text/plain 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOGUyNWZlNy1lMzQ2LTQxYmQtN2M2MS0zNTI0OTVmNWI1Y2EiLCJkb21haW5faWQiOiIzMTkyMTciLCJ0X2Vwb2NoIjoxNjgyMTAwNzg1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkuNCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjI4ZTI1ZmU3LWUzNDYtNDFiZC03YzYxLTM1MjQ5NWY1YjVjYSIsImRvbWFpbl9pZCI6IjMxOTIxNyIsInRfZXBvY2giOjE2ODIxMDA3ODUsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIyOGUyNWZlNy1lMzQ2LTQxYmQtN2M2MS0zNTI0OTVmNWI1Y2EiLCJkb21haW5faWQiOiIzMTkyMTciLCJ0X2Vwb2NoIjoxNjgyMTAwNzg1LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjEwNTQifV19XQ==
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/detroitchicago/cmbv2.js?gcb=195-1&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61&abt=VignetteAnchor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4RMCNIoLdJnSayKP0U7beeKoDssR0aFSAyP1999WTY41NiEofTkVqJpou38%2FSH3JHRFMxLcgg8uH5JUgY2aFFYgJg4IOkl5bC8wAyxo0wEDvKqAnzE2TF6JUIZ%2B8X5o1Ijj%2Fbj%2BtV1KjYqzaLL%2FiGE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fr.buddysecret.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7bb799632a483a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 18:13:05 GMT

POST
H3 204 army.gif
fr.buddysecret.com/porpoiseant/ 0
545 B 35ms
35ms Ping
text/plain 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjQ2NjAzNTgzNTA4OTAxOSIsImRvbWFpbl9pZCI6IjMxOTIxNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWJ1ZGR5c2VjcmV0X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MjEwMDc4NSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiMjhlMjVmZTctZTM0Ni00MWJkLTdjNjEtMzUyNDk1ZjViNWNhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjEwNTQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/detroitchicago/cmbv2.js?gcb=195-1&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61&abt=VignetteAnchor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkDlr8D8SKS9aMVljOavzqpiTJTvlqemEhEZbeQsZ2wv7pi3N0DOB3U63rWCtqyk2U1%2BUY%2BTm2UP%2FBm9JVHp8NZ%2BByWJ%2BUjQakGxvoXprMIPXGyUPJhC4CxL9%2FlnoG9sX656H1lgpnyaT1ci4vNz%2FFs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fr.buddysecret.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7bb799632a493a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 18:13:07 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1019 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.buddysecret.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 09:57:38 GMT
expires: Sat, 20 Apr 2024 09:57:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2FAC 783 B
969 B 33ms
32ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4dd9d0bbf4a02462ea765787eddb27a6d0e7da1c82be9bd58a4b36606e9ed5ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ea73Pc8Qm63zotRI-wo_HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fr.buddysecret.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ea73Pc8Qm63zotRI-wo_HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 18:13:07 GMT
expires: Fri, 21 Apr 2023 18:13:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1019 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 13:47:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2FAC 0
0 59ms
59ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304170101&jk=3276802629404479&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1019 0
10 B 26ms
26ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gyPQww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 army.gif
fr.buddysecret.com/porpoiseant/ 0
540 B 36ms
36ms Ping
text/plain 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODcxNjE2MDYzMTA5NTEyOCIsImRvbWFpbl9pZCI6IjMxOTIxNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWJ1ZGR5c2VjcmV0X2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4MjEwMDc4NSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTQzLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiMjhlMjVmZTctZTM0Ni00MWJkLTdjNjEtMzUyNDk1ZjViNWNhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjE1MzAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/detroitchicago/cmbv2.js?gcb=195-1&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61&abt=VignetteAnchor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgM1Z79qN4EDEWmBKZnPLkkur6stFeu08nmRSowsaDfbypCRjg9aYvFv0pBP45s1VDaNn%2F3I4Dam6uyVCQebsh%2F3B23IoX3wZsDUW1pNZMoIq0hjk7zt9%2FLOP2nKVoVXw%2BMLfllVH3kNvTNzVQKSnRw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fr.buddysecret.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7bb799661e7e3a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 18:13:07 GMT

POST
H3 204 army.gif
fr.buddysecret.com/porpoiseant/ 0
544 B 35ms
35ms Ping
text/plain 2606:4700:3035::6815:5702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.buddysecret.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTkxNzMyODQwNzExNDA1NiIsImRvbWFpbl9pZCI6IjMxOTIxNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWJ1ZGR5c2VjcmV0X2NvbS1tZWRyZWN0YW5nbGUtMS0wIiwidF9lcG9jaCI6MTY4MjEwMDc4NSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTQ1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiMjhlMjVmZTctZTM0Ni00MWJkLTdjNjEtMzUyNDk1ZjViNWNhIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjE1MzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: fr.buddysecret.com
URL: https://fr.buddysecret.com/detroitchicago/cmbv2.js?gcb=195-1&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61&abt=VignetteAnchor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/s/sync-quiz/GoUX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FbbPjbdJNCCAxqR%2FBKdFvZxkD7lpu6eQgPqsF5rqZKIEtUzNLOc136XGdWMo803vDQwq6UU3hIEPYad1XqpwhTzt3KIpo9xMWH3EAhUpTnJVDwJQgq9lwVJnf%2Bii9mhhGLalOPWQ%2BE%2FRal%2BCHe1A8o%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fr.buddysecret.com
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7bb799661e803a5e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 18:13:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304170101&jk=3276802629404479&bg=!EhGlEUXNAAYfNdXmPzU7ADkAdvg8WmVxJ0R0AYM_JZia5V9CU9aYcLVy5_ETmq2WaZH0baEOLmZB2mqxOplrN7-nq6REIVZz4RMCAAAAS1IAAAACaAEHCgBob-DhJBsiaZ3P7SZWwSVbN4sEyYGvLOBOSrK9m7p9aEOYtI6jB_qwpE4QpyaiCGn31-xkDCFPpCbT5tCCNJG8SrZrURE-jhVCi8jP88BNgerILHiLuVVVvzh3Yb5TUnfNPk_UNNVaND6ZAu9wvWEBZO3je-Jf-kLk4_2lRR6DjZ1xL2U0fdP2s2liCD3UzSl2Fw6HYB9f8mO64a8qwweF-pw3TSSZ_LUq7bAtPSurUcr1H7gqdkbmXtbQKY2T-Ov3B3oAcnsAgXWJtS7LAubm219dpwg9SY1Gi2tBsRux5yiUhLhnmIoxwre3O81ZTUu0ijKGtxHymcYilOMh-EPiDTAqFXfRDMoPMSeTB2S0e1c7T0wfNbFTU2a_0ja0xC3BcbknJHG6lkLikbVhaRFEJNjlKyBjX8NaUDNk2T0DrK0cORaRrTrvZYTejFdsfGSqWLwyUbCXvFbkHQfn_qz93KQKPM_3mvmtEFhMhfUYQZ-AM4KB-pGenWKsCFIUqZ_U_s3fuSM0QxkuCrZMGktjtZJFExhNc0VzchVuAuFgmkV8wrPAad6sIIC6H8yzgAhmkhtfEuOXyYv11LGaSNxcAByQyQTEJZp3VPDLoSCOqcis8YDNAn7HA4WTmWqOCgNsdZ973lwgVE__UOBrRkR5RbESGY4graVwqCHfZwYyeNjQDh0GGdHOEb3JZqHC0VU6Ujhm9O8Req7zozLo2BUrePd8uUOFeRL3NykHt6wM4Xw5-6ZbqAr6gy1SA1nuB5GoarpTSaVaNUe6HGq8H4I8V1drzWJLyasB4kmbM5x-qGPACxRdfybMC7gGlrBSLoKmjHiLuMpi6QQrZd_pNalqzMv3MErdQu1PHwhxNqkhk5plm6IBSd4llwjIYq3nFpq2EjVt4kD4U8lhWA5qH1VY75e1spEoYCJB_51aUGNEauqYHP0B5gfTsbjdRmmeanarxj8oRSCD3L0PG2aGc9LsZD78M3x5jK2nJ1uMVhknFnSwqhFPp71Ru34aHacve5QL5cPGM4u5qH9o2oLxfciPhLFJdWD-7DQqleQ9J6LZoZMU9yL9tEYq0KkEZEvczg1phLMbfutI7Fe_leCz0ouAL6FMPIGUeLJLEzXftT9y1ierNsltIVA6e0zd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
33ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fr.buddysecret.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fr.buddysecret.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
484 B 540ms
540ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3276802629404479&correlator=3163761710772526&eid=31068366%2C44777898%2C21065725&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=1254144%3A38924784%2Cbuddysecret_com-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C728x90%7C320x50%7C468x60%7C234x60&fluid=height&ifi=5&adks=1867912623&didk=524493760&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D1917328407114056%26eid%3D1917328407114056%26t%3D134%26d%3D319217%26t1%3D134%26pvc%3D0%26ap%3D1145%26sap%3D1145%26as%3Drevenue%26plat%3D1%26bra%3Dmod81%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dbuddysecret_com-medrectangle-1-1917328407114056%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D54%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D70%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C67%2C0%2C131%2C153%2C0%2C192%2C209%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C815%2C817%2C899%2C903%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C1893%2C4769%2C4769%2C4769%2C4769%2C4751%2C5136%2C774%2C19%2C2610%2C2688%2C3045%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D140%26reqt%3D1682100790825&eri=1&sc=1&cookie=ID%3D0a0d10caa462b9c5%3AT%3D1682100787%3AS%3DALNI_MaZDddbSVD1Cu7zAxXucFNmoSZjmg&gpic=UID%3D00000c06d6911769%3AT%3D1682100787%3ART%3D1682100787%3AS%3DALNI_MZsw0eT-nUEef7wUGnJKsI1Nw5ZWQ&abxe=1&dt=1682100790831&lmt=1682100790&dlt=1682100786623&idt=384&adxs=456&adys=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&frm=20&vis=1&psz=688x280&msz=688x280&fws=4&ohw=748&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=646057354.1682100787&ga_sid=1682100787&ga_hid=2109915687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aff84c22195d2da1d442b4fe90a1a28691226e2c2a58cdf4de94532a7ec07c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
476 B 490ms
489ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3276802629404479&correlator=4369817070448387&eid=31068366%2C44777898%2C21065725&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=1254144%3A38924784%2Cbuddysecret_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=1171769993&didk=1004092366&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D8716160631095128%26eid%3D8716160631095128%26t%3D134%26d%3D319217%26t1%3D134%26pvc%3D0%26ap%3D1143%26sap%3D1143%26as%3Drevenue%26plat%3D1%26bra%3Dmod81%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dbuddysecret_com-box-2-8716160631095128%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D54%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D179%2C168%2C0%2C67%2C0%2C131%2C196%2C0%2C192%2C209%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C1893%2C4769%2C4769%2C4769%2C4769%2C4751%2C5136%2C774%2C19%2C2688%2C3045%2C4276%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D120%26reqt%3D1682100790834&eri=1&sc=1&cookie=ID%3D0a0d10caa462b9c5%3AT%3D1682100787%3AS%3DALNI_MaZDddbSVD1Cu7zAxXucFNmoSZjmg&gpic=UID%3D00000c06d6911769%3AT%3D1682100787%3ART%3D1682100787%3AS%3DALNI_MZsw0eT-nUEef7wUGnJKsI1Nw5ZWQ&abxe=1&dt=1682100790840&lmt=1682100790&dlt=1682100786623&idt=384&adxs=650&adys=107&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&frm=20&vis=1&psz=688x250&msz=300x250&fws=4&ohw=748&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=646057354.1682100787&ga_sid=1682100787&ga_hid=2109915687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa73fbae71a4a90e304fa638d32fb0a288eb36e60f5e8dfe3e47fb3dbe5ef71d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 445
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
484 B 599ms
599ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3276802629404479&correlator=4001928970513362&eid=31068366%2C44777898%2C21065725&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=1254144%3A38924784%2Cbuddysecret_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&adks=207463532&didk=524494701&sfv=1-0-40&ris=4&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D2466035835089019%26eid%3D2466035835089019%26t%3D134%26d%3D319217%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod81%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbuddysecret_com-medrectangle-2-2466035835089019%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D54%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D70%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C192%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C1893%2C4769%2C4769%2C4769%2C4769%2C4751%2C5136%2C774%2C19%2C2610%2C2688%2C3045%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D140%26reqt%3D1682100790843&eri=1&sc=1&cookie=ID%3D0a0d10caa462b9c5%3AT%3D1682100787%3AS%3DALNI_MaZDddbSVD1Cu7zAxXucFNmoSZjmg&gpic=UID%3D00000c06d6911769%3AT%3D1682100787%3ART%3D1682100787%3AS%3DALNI_MZsw0eT-nUEef7wUGnJKsI1Nw5ZWQ&abxe=1&dt=1682100790850&lmt=1682100790&dlt=1682100786623&idt=384&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=646057354.1682100787&ga_sid=1682100787&ga_hid=2109915687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

891dc01cd27e0831f5c76ebf475aa0cd55340bdb4bd4550e376b56b36c3b4835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1 KB 93ms
27ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-1-55
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 18:13:11 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1277015
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9LVyW4df7%2Bsbj4EAngHOVOzw65Hi9lWUL8JeKSxEMQ%2FhxU4hjpku5iNmO1UmcageEniY0Q1Rg%2B2qNAY1FaHcDghgxxvMBOghHx2YW8GPO5t%2Fy1BnkgbGw60FDxwZzfV9q%2F1nS%2B87P3zZ3L%2B"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7bb7997c6a403624-FRA

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 101ms
44ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-1-55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Apr 2023 18:13:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7bb7997c6c3d9176-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
311 B 100ms
43ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-1-55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Apr 2023 18:13:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7bb7997c6c419176-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 102ms
45ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-1-55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Apr 2023 18:13:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7bb7997c6c449176-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
565 B 239ms
106ms XHR
application/json 185.86.138.124

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-1-55
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:11 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fr.buddysecret.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 238ms
105ms XHR
application/json 185.86.138.124

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-1-55
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:11 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fr.buddysecret.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 247ms
114ms XHR
application/json 185.86.138.124

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-1-55
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fr.buddysecret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:11 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fr.buddysecret.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 73ms
30ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 18:13:11 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 382513
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOA1EjmtRXlVDIz2gCOxhTom%2Bj2AbouqxncDGS6qOKpiGju%2F6ynMeDP4g6zXkKstsyvNVicNJIXqHa79%2B%2Fe7BBVMKwhbk%2Bq89B4mNNl7OmKw3dhG4i%2BRv5KMkXcgWh1M%2Bx8Krd6nGF8Y8ncp"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7bb7997cee1c360e-FRA

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fr.buddysecret.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fr.buddysecret.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9QKBNZJYL1&gtm=45je34j0&_p=2109915687&cid=646057354.1682100787&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1682100787&sct=1&seg=0&dl=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&dt=Journal%20de%20l%27amiti%C3%A9%202023%20!%20Invite%20tes%20ami(e)s%20%C3%A0%20%C3%A9crire%20dans%20ton%20journal%20intime%20maintenant.&en=page_location&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9QKBNZJYL1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 18:13:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.buddysecret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fr.buddysecret.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fr.buddysecret.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fr.buddysecret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 18:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3276802629404479&correlator=1662741983868154&eid=31068366%2C44777898%2C21065725&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=1254144%3A38924784%2Cbuddysecret_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=8&adks=1171769993&didk=1004092366&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D8716160631095128%26eid%3D8716160631095128%26t%3D134%26d%3D319217%26t1%3D134%26pvc%3D0%26ap%3D1143%26sap%3D1143%26as%3Drevenue%26plat%3D1%26bra%3Dmod81%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dbuddysecret_com-box-2-8716160631095128%26eb_br%3D23b5ca1d9de2587e6a4ecfd33d61b709%26eba%3D1%26ebss%3D10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D54%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D38%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D179%2C168%2C0%2C67%2C0%2C131%2C196%2C0%2C192%2C209%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C1893%2C4769%2C4769%2C4769%2C4769%2C4751%2C5136%2C774%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C4276%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D60%26reqt%3D1682100791344&eri=1&sc=1&cookie=ID%3D0a0d10caa462b9c5%3AT%3D1682100787%3AS%3DALNI_MaZDddbSVD1Cu7zAxXucFNmoSZjmg&gpic=UID%3D00000c06d6911769%3AT%3D1682100787%3ART%3D1682100787%3AS%3DALNI_MZsw0eT-nUEef7wUGnJKsI1Nw5ZWQ&abxe=1&dt=1682100792350&lmt=1682100792&dlt=1682100786623&idt=384&adxs=650&adys=107&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&frm=20&vis=1&psz=688x250&msz=300x250&fws=4&ohw=748&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=646057354.1682100787&ga_sid=1682100787&ga_hid=2109915687&ga_fc=true

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3276802629404479&correlator=1594928826830237&eid=31068366%2C44777898%2C21065725&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=1254144%3A38924784%2Cbuddysecret_com-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C728x90%7C320x50%7C468x60%7C234x60&fluid=height&ifi=9&adks=1867912623&didk=524493760&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D1917328407114056%26eid%3D1917328407114056%26t%3D134%26d%3D319217%26t1%3D134%26pvc%3D0%26ap%3D1145%26sap%3D1145%26as%3Drevenue%26plat%3D1%26bra%3Dmod81%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dbuddysecret_com-medrectangle-1-1917328407114056%26eb_br%3Da928cf2c3ad36f5e9ed2d90f655c1dc9%26eba%3D1%26ebss%3D10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D54%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D44%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C67%2C0%2C131%2C153%2C0%2C192%2C209%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C815%2C817%2C899%2C903%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C1893%2C4769%2C4769%2C4769%2C4769%2C4751%2C5136%2C774%2C19%2C2610%2C2688%2C3045%2C19%2C2610%2C2688%2C2693%2C3045%2C4276%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D70%26reqt%3D1682100791392&eri=1&sc=1&cookie=ID%3D0a0d10caa462b9c5%3AT%3D1682100787%3AS%3DALNI_MaZDddbSVD1Cu7zAxXucFNmoSZjmg&gpic=UID%3D00000c06d6911769%3AT%3D1682100787%3ART%3D1682100787%3AS%3DALNI_MZsw0eT-nUEef7wUGnJKsI1Nw5ZWQ&abxe=1&dt=1682100792395&lmt=1682100792&dlt=1682100786623&idt=384&adxs=456&adys=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&frm=20&vis=1&psz=688x280&msz=688x280&fws=4&ohw=748&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=646057354.1682100787&ga_sid=1682100787&ga_hid=2109915687&ga_fc=true

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3276802629404479&correlator=583732304046023&eid=31068366%2C44777898%2C21065725&output=ldjh&gdfp_req=1&vrg=202304170101&ptt=17&impl=fifs&iu_parts=1254144%3A38924784%2Cbuddysecret_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=10&adks=207463532&didk=524494701&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D2466035835089019%26eid%3D2466035835089019%26t%3D134%26d%3D319217%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod81%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dbuddysecret_com-medrectangle-2-2466035835089019%26eb_br%3Da928cf2c3ad36f5e9ed2d90f655c1dc9%26eba%3D1%26ebss%3D10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D54%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D44%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C192%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3915%2C3919%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C1893%2C4769%2C4769%2C4769%2C4769%2C4751%2C5136%2C774%2C19%2C2610%2C2688%2C3045%2C19%2C2610%2C2688%2C2693%2C3045%2C4276%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D70%26reqt%3D1682100791455&eri=1&sc=1&cookie=ID%3D0a0d10caa462b9c5%3AT%3D1682100787%3AS%3DALNI_MaZDddbSVD1Cu7zAxXucFNmoSZjmg&gpic=UID%3D00000c06d6911769%3AT%3D1682100787%3ART%3D1682100787%3AS%3DALNI_MZsw0eT-nUEef7wUGnJKsI1Nw5ZWQ&abxe=1&dt=1682100792460&lmt=1682100792&dlt=1682100786623&idt=384&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffr.buddysecret.com%2Fs%2Fsync-quiz%2FGoUX&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=646057354.1682100787&ga_sid=1682100787&ga_hid=2109915687&ga_fc=true

Verdicts & Comments Add Verdict or Comment

396 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.buddysecret.com/	1970-01-20 11:15:02	Name: ezoadgid_319217 Value: -1
.buddysecret.com/	1970-01-20 11:15:07	Name: ezoref_319217 Value:
.buddysecret.com/	1970-01-20 20:00:36	Name: ezosuibasgeneris-1 Value: a0071773-c8cc-44dc-5648-d1047391aa5d
.buddysecret.com/	1970-01-20 11:15:07	Name: ezoab_319217 Value: mod81
.buddysecret.com/	1970-01-20 11:17:53	Name: active_template::319217 Value: pub_site.1682100785
.buddysecret.com/	1970-01-20 11:15:02	Name: ezopvc_319217 Value: 1
.buddysecret.com/	1970-01-20 11:16:27	Name: ezepvv Value: 0
.buddysecret.com/	1970-01-20 11:15:02	Name: ezovid_319217 Value: 1490062064
.buddysecret.com/	1970-01-20 11:15:02	Name: lp_319217 Value: https://fr.buddysecret.com/s/sync-quiz/GoUX
.buddysecret.com/	1970-01-20 11:17:53	Name: ezovuuidtime_319217 Value: 1682100786
.buddysecret.com/	1970-01-20 11:15:02	Name: ezovuuid_319217 Value: ee0bc125-78ff-4a4a-4f91-1676e3e11907
fr.buddysecret.com/	1970-01-20 20:51:00	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
fr.buddysecret.com/	1970-01-20 20:51:00	Name: ezohw Value: w%3D1600%2Ch%3D1200
fr.buddysecret.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
fr.buddysecret.com/	1969-12-31 23:59:59	Name: ezouspva Value: 0
fr.buddysecret.com/	1970-01-20 11:58:12	Name: __bqs Value: aHR0cHMlM0ElMkYlMkZmci5idWRkeXNlY3JldC5jb20lMkZzJTJGc3luYy1xdWl6JTJGR29VWCZ1cT1KQkJ6VlU3WU5xRTY=
.buddysecret.com/	1970-01-20 20:51:00	Name: _ga_21EKGFLRB3 Value: GS1.1.1682100787.1.0.1682100787.0.0.0
.buddysecret.com/	1970-01-20 11:16:27	Name: _gid Value: GA1.2.1592094313.1682100787
.buddysecret.com/	1970-01-20 11:15:00	Name: _gat_gtag_UA_126527512_14 Value: 1
.buddysecret.com/	1970-01-20 11:15:00	Name: _gat_gtag_UA_192512597_5 Value: 1
.buddysecret.com/	1970-01-20 11:15:00	Name: _gat_UA-126527512-43 Value: 1
.buddysecret.com/	1970-01-20 11:15:00	Name: _gat_UA-126527512-14 Value: 1
.buddysecret.com/	1970-01-20 20:51:00	Name: _ga Value: GA1.1.646057354.1682100787
.buddysecret.com/	1970-01-20 20:51:00	Name: _ga_9QKBNZJYL1 Value: GS1.1.1682100787.1.0.1682100787.60.0.0
.quantserve.com/	1970-01-20 20:45:15	Name: mc Value: 6442d233-741d2-c562f-3efa3
.buddysecret.com/	1970-01-20 20:39:29	Name: __qca Value: P0-621340887-1682100787330
fr.buddysecret.com/	1970-01-20 20:00:36	Name: ezux_lpl_319217 Value: 1682100787580\|28e25fe7-e346-41bd-7c61-352495f5b5ca\|false
.buddysecret.com/	1970-01-20 20:36:36	Name: __gads Value: ID=0a0d10caa462b9c5:T=1682100787:S=ALNI_MaZDddbSVD1Cu7zAxXucFNmoSZjmg
.buddysecret.com/	1970-01-20 20:36:36	Name: __gpi Value: UID=00000c06d6911769:T=1682100787:RT=1682100787:S=ALNI_MZsw0eT-nUEef7wUGnJKsI1Nw5ZWQ
.doubleclick.net/	1970-01-20 20:36:36	Name: IDE Value: AHWqTUn7n-mY-de2pAuPEYsL27lsGdrzn9VsTxRyqMXP-gJfncgpRxIDP8DJY-IybaE
fr.buddysecret.com/	1970-01-20 11:58:12	Name: _pbjs_userid_consent_data Value: 3524755945110770
.buddysecret.com/	1970-01-20 20:00:36	Name: _sharedid Value: 237b33c7-38af-4f82-8790-5ecd582891fd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

04958da7d73d3e9367b55474a062b31e.safeframe.googlesyndication.com
a.ad.gt
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
api.btloader.com
basher.ezodn.com
btloader.com
c.amazon-adsystem.com
cdn.hadronid.net
cdn.id5-sync.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
fr.buddysecret.com
g.ezodn.com
go.ezodn.com
googleads.g.doubleclick.net
id.hadron.ad.gt
id5-sync.com
img.holaquiz.com
lb.eu-1-id5-sync.com
p2e9r4n9.stackpathcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pfx.api.botman.ninja
pixel.quantserve.com
prebid.smilewanted.com
prg.smartadserver.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.analytics.google.com
region1.google-analytics.com
rules.quantcount.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
superal.github.io
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
securepubads.g.doubleclick.net
104.22.69.131
130.211.23.194
142.250.185.134
151.139.128.10
162.19.138.117
162.19.138.118
185.86.138.124
2001:4860:4802:34::36
2001:4860:4802:36::178
2600:9000:2127:f800:6:44e3:f8c0:93a1
2606:4700:10::6816:445
2606:4700:10::ac43:246e
2606:4700:10::ac43:266a
2606:4700:20::681a:346
2606:4700:20::681a:8a9
2606:4700:20::ac43:4686
2606:4700:3035::6815:5702
2606:4700::6811:180e
2606:4700:e4::ac40:a602
2606:4700:e4::ac40:a702
2606:50c0:8001::153
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:806::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9c
2a06:98c1:3120::3
35.168.115.78
5.161.35.131
65.9.90.93
65.9.99.209
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0d55e7ae0474f0126993fecddca13a26b10b027baacc716b6d356bdce8f9619a
0e5efee6dbb6f3dee6c9856038b15b31f7ef546756272448788f86a2d5633ace
12e7b6899a0cbdbc2cc8e515dfc379b3f6814c9d51c4f2ceae30ef275c61c3f8
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
14f328218ce3f2edab3d8cd2e58ddc1e4ef96f3c8aa02da92430a4a151a902b8
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
1a30b3c4468e6cb64aefdf6b3056e4d5a5ba3f3a44b376261be54e7b567066f5
1a4086f6b01ea01e73f42b352500e1ee3fc4a3dba5a50ecd41485f70d661dc30
1bf0dece38664d648e3be9f14fb1ca09ac8c8488e10e1a73ce18545b43d76d1d
1ca15678c5371520af135afde97eb1038d2f8618df9816230cb2efc13478cd41
240e1ebc0ff91ce6cbf865b3fb321d5f7a110783d9e3fcf50888cc3272446fdc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a0182d790fb030792d5172ed46e0c8f17cedea697937210c6401f2ebafbe54e
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8
3133d5701c08c2e700289c8b937a62febaf03b69292d3785dad25ff6fff23dbf
3530d16e8ee249bd4a37f640f88801795680af5c202fe50187aed10a9f958aff
374fec528851b7cdc6e959e18835e0be7641addaf03366886b12fe570cccaf48
391fb956aa4dc55504f7aaefe02f05a4fb953c78cb797e1b27bba548cbabeea8
3b6dfeb59f7464899e64068a09afaa80fdae61e9767a041f9bc60aae5362c599
432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470afce88298dfb1c18f2339b0acdfbe0a19ee18e4e3c4cb599595b339acaff4
47176ade966a9ffbf425d7d9d0cfe693da4ae96cb8300da77e288039b2f130ba
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
47ad2136726a866de6e7229643298d402133c65f3fa775d6cda843b543ed2296
47bf6b2e0bb21849f205a4f2d90c8e40b2773f3fdf4c764471cd050ef0a87378
47ebbc6efa9afa687a96ec1e33fa5c8f227c28d21142edb5692e395f932eefd8
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85
49656e03f6fbfdc8fce3e83ef3b7fd4710faeb7a1796274e7bc45f379218e55a
4aa3f6707f926cbe074217b19c4196f9aa4ae5e3f7ec62d59ee92a6a34bfcdf3
4c27f8b7209c6041966d66b09c1f220bcb7c29078340427cb2b5c16de7f0cdd9
4dd9d0bbf4a02462ea765787eddb27a6d0e7da1c82be9bd58a4b36606e9ed5ae
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
597830acea0420d0c95ceae70e1db6fcfb1d35d259922ff472b1b6fb083e193f
5a5e6f7994c5f4b291424f145d1fede1bfb2793cac841138f0863fd954da721f
619329e8e95b21ac0224515e23f42c9c074a3cc0cad929356c5479204a65e397
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6287576091d784878dc0c6e239d5b80ec220adaef7fa014a8802c26a27064d45
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ec8261e5e156d489a1e3aef3310486bc484e13c69f74b664469cb11ced53b94
737473b145a0fb2d97963ba71104b42ea59d434e17d43de3db67ddffc24200ac
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
750f95992d17dff3f50f16c3b15a8afeda7e3fd6d0d8c9d9518d6132a4731a71
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
891dc01cd27e0831f5c76ebf475aa0cd55340bdb4bd4550e376b56b36c3b4835
93df6b932f78a94beb1a9aaf63e733e4969724b68bae11e4b60d8cb8ce4ff3ac
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
974fb86e61c1c7c1b795ce953fbd58c82a9287d7d314d593582bc33da6d262eb
98c187b13882e37aead12b7982ee7817d2f60b17d5d37a1495be8e34dcae93c2
99c99af258943f5efe5689a6803d0470de89dbb21bc19eaf3259a47bc07d2a88
9a03674bfe83fe09eee7aae6106943918be73a009be21468c2bdb1b4ce958fdc
9a73ec51d0e62c2fdb04d631b841b43d1d61a18fd1c09ffc243db565ef05bbe4
9d5c58353f0d90f2bf4392b2418d8aa06ee483645f48e4b34b0086bb46aa5d48
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f424f15622aec46cd0f910c28a20e70c5c9f50d6ef5289d169e91bdd3bd154
a1b20c516247746f05238e45bdcd96aa0111c7d2d70e538b1ab885a01f081ac0
a37ddc4e7e30ec2675c6d2e628b57efee02b9f3ed430e7172946bf04c1744648
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a79fd8609a005581a852d3a6ce79e0434c1b10218edab4a611c8a87d4beef1d8
aa73fbae71a4a90e304fa638d32fb0a288eb36e60f5e8dfe3e47fb3dbe5ef71d
aafc9e6058700946b019027e9e9e91eb67624597b8431b03cc82f0f928dd8184
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aff84c22195d2da1d442b4fe90a1a28691226e2c2a58cdf4de94532a7ec07c04
b2e14ccee9e55749b28f11a4cc0f8b29256e58f628820e224b926828256b0a7d
b315cd1d137b144cd722b47da20ca34b2ddfd9ec6ff8ca7551900dfe55e8ae54
b8fe9022cf54c53863a7f1c251422ec1968630abef85a0743f2741f8e68bc3b1
c044a3c9cdb186fb83cea1eeb7cf8ee76e0e084835c45cead97e96c855f8d857
c0473b1fce4e4ad563a5c91daec07a4d9e211f7ebc776af3da0c707a840b084c
c09dda2cfc05892463b64a687169e7240f08686e41010bd050f4286d77c921f3
c4363c1d5715cf9b10961b9154d3c1a874f68126bc4e9c390538eeb03f4a2b23
c62d15b97395d0ee57d4dfe9584e6f181d70d175fe4fc4f0480b645753afc626
c72c5cdb8ee97ed1e23f49f9cc0884c795f9c70e85a566453d9701f12cebfe9f
c759ef2e91ce47c0601fe6006b6c18436478ffb4c6abee6a6ccb14cb6b12e78c
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ccc14c8f89759e4ee4328556294bfe4985f8d14237df2185e40b33e872ea03fa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d25bd5330cd688c4b04c5c661a1f043121df76a2577ecda3bb00411e006831bc
d59158a0670c02c5079b8c4c7dd8d7519c7d4d0c1ddee932940592ffdc781f25
d777a901e1e816d86434cd1c98fd0e894b2a6c89b9bd59f33bb7584777e548c4
d903d2c28340c43faa76bc62dee3994f1d4e9704050d3c711a130fe7d08214c3
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db668b70fd0021a224a50338fc80f62881fc5e678e84987ff62785d86ab3f320
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd427c943f75e9fa448236af731060b18c43b0067cf945aa1422f35349d4730d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e04a40af8692b8e76780c014a3f5ad8d55d98fe8a6cd671bbebd32413117888d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e802bffc7a419ab8f40bfbb3c021fdc2eead1d719e0ba1a726bbed3fddd5cc47
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef46993c81da652e3c2581d2adab6051e1bd0570d7ce80f5e3ac2c6221a37a97
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f53061fe431368a06c0fd0136e468828f0a9bfd612e87e1161b7856d84bb9e1c
fd15dccc78b33bb29115461ac9504869f4af29b5bdc93111b8ecff5d58469206
ff4a985f8b2dc95aa25b773f60e8f2e8d7aa64891af2f76c6cac2c3ae9ee3c28

fr.buddysecret.com Open in urlscan Pro 2606:4700:3035::6815:5702 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

151 Requests

97 %HTTPS

73 %IPv6

29 Domains

45 Subdomains

42 IPs

5 Countries

2050 kBTransfer

5297 kBSize

32 Cookies

4 Outgoing links

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fr.buddysecret.com Open in urlscan Pro
2606:4700:3035::6815:5702 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

97 %
HTTPS

73 %
IPv6

29
Domains

45
Subdomains

42
IPs

5
Countries

2050 kB
Transfer

5297 kB
Size

32
Cookies

151 HTTP transactions
0 data transactions