URL: https://valleysecrets.yooco.org/
Submission: On December 17 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 23 HTTP transactions. The main IP is 2606:4700:20::681a:968, located in United States and belongs to CLOUDFLARENET, US. The main domain is valleysecrets.yooco.org.
TLS certificate: Issued by WE1 on December 8th 2024. Valid for: 3 months.
This is the only time valleysecrets.yooco.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

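Requests per IP address and autonomous system (AS):
  • 2606:4700:20:... (AS 13335, CLOUDFLAR...): 15 requests
  • 2a00:1450:400... (AS 15169, GOOGLE): 4 requests
  • 2606:4700:20:... (AS 13335, CLOUDFLAR...): 5 requests, 2 redirects
  • 2a02:2638:3::a (AS 44788, ASN-CRITE...): 1 request
Total: 23 requests, 4 IPs

Requests per apex domain, with subdomains and transfer size:
  • yooco.org: 15 requests, 100 KB. Subdomains: valleysecrets.yooco.org
  • yooco.de: 5 requests, 96 KB. Subdomains: static2.yooco.de, static.yooco.de
  • googleapis.com: 4 requests, 55 KB. Subdomains: ajax.googleapis.com (Cisco Umbrella Rank: 415)
  • criteo.com: 1 request, 56 B. Subdomains: cas.criteo.com (Cisco Umbrella Rank: 28069)
Total: 23 requests, 4 apex domains

Requests per domain, with the requesting host:
  • valleysecrets.yooco.org: 15 requests, requested by valleysecrets.yooco.org
  • ajax.googleapis.com: 4 requests, requested by valleysecrets.yooco.org and ajax.googleapis.com
  • static.yooco.de: 3 requests, requested by valleysecrets.yooco.org
  • static2.yooco.de: 2 requests, 2 redirects
  • cas.criteo.com: 1 request, requested by valleysecrets.yooco.org
Total: 23 requests, 5 domains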

This site contains links to these domains.

Domain
www.yooco.org

TLS certificates (Subject: Issuer, Validity, Valid):
  • yooco.org: issued by WE1, 2024-12-08 - 2025-03-08, 3 months
  • upload.video.google.com: issued by WR2, 2024-11-04 - 2025-01-27, 3 months
  • yooco.de: issued by WE1, 2024-10-26 - 2025-01-24, 3 months
  • *.criteo.com: issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1, 2024-12-03 - 2025-03-03, 3 months

This page contains 2 frames:

Primary Page: https://valleysecrets.yooco.org/
Frame ID: FBAEFCA33873FF1A6E2A71242B7DC95F
Requests: 20 HTTP requests in this frame

Frame: https://valleysecrets.yooco.org/banner.php?s=160x600&us=1
Frame ID: 79F584627D60CC03D701DEB9158C4F84
Requests: 3 HTTP requests in this frame

Page Title

valleysecrets

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • //(?:cas\.criteo\.com|(?:[^/]\.)?criteo\.net)/

Overall confidence: 100%
Detected patterns
  • /(?:scriptaculous|protoaculous)(?:\.js|/)

Page Statistics

  • Requests: 23
  • HTTPS: 91 %
  • IPv6: 100 %
  • Domains: 4
  • Subdomains: 5
  • IPs: 4
  • Countries: 3
  • Transfer: 250 kB
  • Size: 504 kB
  • Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://static2.yooco.de/n2/25/523091/u/fb/2555708/images/profile/small/bed35ae8995008d3a5938cef0df858e0.jpg HTTP 301
  • https://static.yooco.de/n2/25/523091/u/fb/2555708/images/profile/small/bed35ae8995008d3a5938cef0df858e0.jpg
Request Chain 10
  • https://static2.yooco.de/n2/25/523091/images/background/orig/343986485a5d8f1cdb5fc3e720c2ecb5.jpg HTTP 301
  • https://static.yooco.de/n2/25/523091/images/background/orig/343986485a5d8f1cdb5fc3e720c2ecb5.jpg

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
valleysecrets.yooco.org/
12 KB
4 KB
Document
General
Full URL
https://valleysecrets.yooco.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cca7c17f941652953f84053181382b3554f1be907a581333f122d081465e1893

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f37216e8face508-TXL
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 17 Dec 2024 13:06:28 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SoJSNYyTV3csq%2B%2FJE3eIng39Ug9iDV%2BpGXNkRElXoRTb4Bpr%2FhtFdicbCRO%2FTg%2BCDwjFk8tFVVM6G5BLaM6%2B8sA6J%2FIIJkdRWYSOhX9aFSCcVn8Wv7j%2BqofopxWVbXyShSVWz25yU6u%2Bz%2Bumu1j9VI%2ByaaYw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=17247&min_rtt=16279&rtt_var=3157&sent=8&recv=13&lost=0&retrans=0&sent_bytes=3997&recv_bytes=2362&delivery_rate=247445&cwnd=254&unsent_bytes=0&cid=0f951c2c3e22f541&ts=160&x=0"
vary
Accept-Encoding
prototype.js
ajax.googleapis.com/ajax/libs/prototype/1.7.0.0/
159 KB
37 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/prototype/1.7.0.0/prototype.js
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dedea3aa22a087b3745c9635e7a3d65e772d57ce590b541a6a32069a0b1d60b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/

Response headers

content-encoding
gzip
age
14763
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:00:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:00:25 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
37418
x-xss-protection
0
server
sffe
scriptaculous.js
ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/
3 KB
2 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?load=effects,dragdrop
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a361f7a0236899778a357fa532dc307867137c6066d87b967f0314409c279018
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/

Response headers

content-encoding
gzip
age
353189
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 10:59:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 10:59:59 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
1514
x-xss-protection
0
server
sffe
general-proto-user.min.js
valleysecrets.yooco.org/js/
36 KB
11 KB
Script
General
Full URL
https://valleysecrets.yooco.org/js/general-proto-user.min.js?15030401
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac742b842712a29e6ded5b3456eead374d0582d26d0bf8e37d828c29e919cb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"5998c29e-8eee"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2F6NntTpaWxT3tvrnETCBd9YAy9zDyv87zB3KiEx5V0gFktK4TnXisTLvszRj6YKJm%2FeyAr2JYnA0S5BIoJ2KeM2LJ6RKGYeAv9Qqne0dWL7m%2BBnBCMBMPEuxQq5SHrL4nOfm2hrqzQpdIgj%2FWgw6TMYGzwf"}],"group":"cf-nel","max_age":604800}
cf-ray
8f37216f2a2fe508-TXL
server-timing
cfL4;desc="?proto=TCP&rtt=18000&min_rtt=16279&rtt_var=2760&sent=31&recv=19&lost=0&retrans=0&sent_bytes=22131&recv_bytes=2862&delivery_rate=358988&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=246&x=0"
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
application/javascript
last-modified
Sat, 19 Aug 2017 22:58:38 GMT
vary
Accept-Encoding
server
cloudflare
general-rounded-user-a-min.css
valleysecrets.yooco.org/templates/core/
62 KB
12 KB
Stylesheet
General
Full URL
https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddfb208964d8f0af4a52e38d6a146cb9c042eb1d869555514829cfa60cc070b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"5998c29e-f64f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qe%2FV87qjdOxG2IJkOD585JChHnloJXpXjsD8urA3GHL%2FoZWapMojdwo3u%2BmOeU0KGnYaIkdNtcCADolQJXBxRHmi2R5OZlEchusjFroSeathQpdstNsQ%2B8PMJ86Eh3EGV9KrVe6YAmOyD4RsXYXA1WVT8L1T"}],"group":"cf-nel","max_age":604800}
cf-ray
8f37216f1a2ae508-TXL
server-timing
cfL4;desc="?proto=TCP&rtt=18000&min_rtt=16279&rtt_var=2760&sent=18&recv=19&lost=0&retrans=0&sent_bytes=9298&recv_bytes=2862&delivery_rate=358988&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=245&x=0"
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
text/css
last-modified
Sat, 19 Aug 2017 22:58:38 GMT
vary
Accept-Encoding
server
cloudflare
us.gif
valleysecrets.yooco.org/templates/core/images/flags/
367 B
874 B
Image
General
Full URL
https://valleysecrets.yooco.org/templates/core/images/flags/us.gif
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b92f4eb6e7e071a728ae3fb103c1dfe56c0b0f1423171c94afd1709ea466fdab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"5998c29e-16f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RmT3i3IoI7AxEigXjkq2odKpcM%2BjF8uY4FR2zwVxHOlHbsbhaP66Kyqi%2F90VMjNCl6tplAgtcIjrrI7dmRKpDaMsgu6qvoSU8EBfAY09ZKnF6xzvZsTO7DVOiTJcWQN2NaO4rubg3wlUCsfO%2BZs9s13q%2B9La"}],"group":"cf-nel","max_age":604800}
cf-ray
8f37216f2a31e508-TXL
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=18000&min_rtt=16279&rtt_var=2760&sent=15&recv=19&lost=0&retrans=0&sent_bytes=8358&recv_bytes=2862&delivery_rate=358988&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=233&x=0"
content-length
367
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
image/gif
last-modified
Sat, 19 Aug 2017 22:58:38 GMT
vary
Accept-Encoding
server
cloudflare
bed35ae8995008d3a5938cef0df858e0.jpg
static.yooco.de/n2/25/523091/u/fb/2555708/images/profile/small/
Redirect Chain
  • https://static2.yooco.de/n2/25/523091/u/fb/2555708/images/profile/small/bed35ae8995008d3a5938cef0df858e0.jpg
  • https://static.yooco.de/n2/25/523091/u/fb/2555708/images/profile/small/bed35ae8995008d3a5938cef0df858e0.jpg
3 KB
3 KB
Image
General
Full URL
https://static.yooco.de/n2/25/523091/u/fb/2555708/images/profile/small/bed35ae8995008d3a5938cef0df858e0.jpg
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/
Protocol
H2
Server
2606:4700:20::681a:696 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04fa9da95cdc010ae108e588b481e6a55060fd56e5c601aa5f98c8ad7f20e648

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
etag
"5bded5e0-bc2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cLaGNqdsTevg2JYzsqa39IvC9gGDRfb%2FPnAAfeGZaKHC%2FBVeq3%2FQ3ZcjHPetUwBLsapfSyBfgjNkE2YVL9zu8XCdMQIm8Sds3VLD9HIY7xv49HU5gsxuSFjagYp8pYKLpxb6CHF1on9ZAdA6PA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3721707e09e507-TXL
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=20052&min_rtt=16279&rtt_var=8612&sent=12&recv=15&lost=0&retrans=0&sent_bytes=4888&recv_bytes=2469&delivery_rate=246315&cwnd=257&unsent_bytes=0&cid=f795a8a48d14ebf0&ts=223&x=0"
content-length
3010
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
image/jpeg
last-modified
Sun, 04 Nov 2018 11:20:00 GMT
vary
Accept-Encoding
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://static.yooco.de/n2/25/523091/u/fb/2555708/images/profile/small/bed35ae8995008d3a5938cef0df858e0.jpg
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZb9d8M2LLW4W0%2BYVQVVdxCyiW2y69Jg4tAEGpNFTRZnHA4jn6XuL%2F9pUCG5AG8ilofTcPThke8aXcmDDMeAqK5BRd5qDbxvQbc0YAHKb8HYPCsV3Zny4iNzmr65Nc5cDC9f%2BkyJ0%2FbQBT3xnTA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3721700c83e507-TXL
server-timing
cfL4;desc="?proto=TCP&rtt=16381&min_rtt=16279&rtt_var=2618&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3986&recv_bytes=2348&delivery_rate=246315&cwnd=253&unsent_bytes=0&cid=f795a8a48d14ebf0&ts=146&x=0"
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
effects.js
ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/
38 KB
9 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/effects.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?load=effects,dragdrop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
055be203cf7225e94dec4a5f72ba1f469a499ac78c24d9366705c1099de812d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://valleysecrets.yooco.org/

Response headers

content-encoding
gzip
age
507813
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 16:02:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 16:02:55 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
8719
x-xss-protection
0
server
sffe
dragdrop.js
ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/
30 KB
7 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/dragdrop.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?load=effects,dragdrop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b88542d1458cd86dacd3de3cb9635ded83c01edcae01be5f49451611985cff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://valleysecrets.yooco.org/

Response headers

content-encoding
gzip
age
14635
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:02:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:02:33 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
7539
x-xss-protection
0
server
sffe
banner.php
valleysecrets.yooco.org/ Frame 79F5
2 KB
1 KB
Document
General
Full URL
https://valleysecrets.yooco.org/banner.php?s=160x600&us=1
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e631ec193ce8c62caeefbd320d399de2a044dbffd7a6fbfc629776b27d7ea367

Request headers

Referer
https://valleysecrets.yooco.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f3721727eafe508-TXL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 17 Dec 2024 13:06:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UzxAAEICP7BlxP9iEByef5NvWz62PdmjuAWhvNu5fcTxm65bxremSMxjV4ynueKl3vT7t627%2Fx3RYpDCpZ8SGnC3HPesg2XTAJArMQfdPeQdSa5vHDSXYHJMtWbvZm91mApkpXK750zAIWrOxnUsDWv8G0TR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=17424&min_rtt=16229&rtt_var=1365&sent=68&recv=64&lost=0&retrans=0&sent_bytes=44125&recv_bytes=4027&delivery_rate=1233135&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=749&x=0"
vary
Accept-Encoding
60degree_gray.png
static.yooco.de/templates/core/images/tiles2/
1 KB
2 KB
Image
General
Full URL
https://static.yooco.de/templates/core/images/tiles2/60degree_gray.png
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:696 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5887740dd1535d72264542d6ad91c08ee4701374089ab15ffc287c83a94bc7ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/

Response headers

cf-cache-status
HIT
etag
"5998c29e-41f"
age
4236080
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q4MK5RqGByx2LQ09WCt%2BJLeCuFPEqiF93UHt9Utqxe3sNTwOZNajYteVj2z71VTu7OiGgM1iw6mj5LYGJCMJREhxT%2F8UCWy%2B0l1SGcFQa2KWxkXG7K1Fx%2FBuV8iuuXpLi3BxlIIOhYEGAU0eDg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 29 Oct 2025 12:25:08 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=23997&min_rtt=16279&rtt_var=14357&sent=19&recv=20&lost=0&retrans=0&sent_bytes=8496&recv_bytes=2657&delivery_rate=327283&cwnd=257&unsent_bytes=0&cid=f795a8a48d14ebf0&ts=426&x=0"
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
image/png
last-modified
Sat, 19 Aug 2017 22:58:38 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f372171ec38e507-TXL
accept-ranges
bytes
content-length
1055
server
cloudflare
343986485a5d8f1cdb5fc3e720c2ecb5.jpg
static.yooco.de/n2/25/523091/images/background/orig/
Redirect Chain
  • https://static2.yooco.de/n2/25/523091/images/background/orig/343986485a5d8f1cdb5fc3e720c2ecb5.jpg
  • https://static.yooco.de/n2/25/523091/images/background/orig/343986485a5d8f1cdb5fc3e720c2ecb5.jpg
89 KB
90 KB
Image
General
Full URL
https://static.yooco.de/n2/25/523091/images/background/orig/343986485a5d8f1cdb5fc3e720c2ecb5.jpg
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/
Protocol
H2
Server
2606:4700:20::681a:696 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fab710dd109bfc1728ae5392848af990b7f16f8632bab5951076fe967c3f4dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
etag
"5bded110-164ee"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rT4LU3x1l5YAwup8KD8XAn34iPH0EHxCw3C6EYlHD8G7AiwPc9gsWRhBow39XxvKJIcc6k870xX4tg79%2B%2BaDHY67q4Ccc1HOi06KMtKbrizBaa8d%2FOb4Cv5rST6U7NZsqydNuGNHCSNw0m063A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3721723d7fe507-TXL
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=20066&min_rtt=16262&rtt_var=6255&sent=26&recv=27&lost=0&retrans=0&sent_bytes=10881&recv_bytes=2765&delivery_rate=327283&cwnd=257&unsent_bytes=0&cid=f795a8a48d14ebf0&ts=524&x=0"
content-length
91374
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
image/jpeg
last-modified
Sun, 04 Nov 2018 10:59:28 GMT
vary
Accept-Encoding
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://static.yooco.de/n2/25/523091/images/background/orig/343986485a5d8f1cdb5fc3e720c2ecb5.jpg
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0h0WHFeqETtHmB7P0wCvG4gs23yrQFbFVWyPgAttQ4INTdzrOn8Jte0YRKLkTSEsUXZpc4%2FEQQz4qssa7tzsWTWj70PdiatotNS3%2BHTcDISJopXrLjNAeCAkTx3U%2BCeBkB3gD8GXSCFeGv%2BYsv8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f372171ec3de507-TXL
server-timing
cfL4;desc="?proto=TCP&rtt=21451&min_rtt=16262&rtt_var=9887&sent=22&recv=23&lost=0&retrans=0&sent_bytes=10152&recv_bytes=2657&delivery_rate=327283&cwnd=257&unsent_bytes=0&cid=f795a8a48d14ebf0&ts=446&x=0"
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
bg_button_v2.gif
valleysecrets.yooco.org/templates/core/images/
1 KB
2 KB
Image
General
Full URL
https://valleysecrets.yooco.org/templates/core/images/bg_button_v2.gif
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e341c8683bc5b43117f3ed4e233b0cb8ab1d3bcefaedc6104d037a252a234f78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"5998c29e-4c4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kyGFAR5tmcWlRJKZRqTTmVwQdaTrmvZmomq8XKx0uDHhzw25Wqt72MmW1dDLjUBftxT23iIBiUPqDMhPhyKpVlmt6NscryrZcFhhnasdDNcvukpFT85A%2FSHV6merUVSjUmJ8PwoodCF0Qwq%2BcxCz3cbOKUGb"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3721720cd4e508-TXL
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=22158&min_rtt=16279&rtt_var=10790&sent=46&recv=45&lost=0&retrans=0&sent_bytes=33638&recv_bytes=3944&delivery_rate=1233135&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=692&x=0"
content-length
1220
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
image/gif
last-modified
Sat, 19 Aug 2017 22:58:38 GMT
vary
Accept-Encoding
server
cloudflare
shadow_black_5.png
valleysecrets.yooco.org/templates/core/images/rounded/
1008 B
1 KB
Image
General
Full URL
https://valleysecrets.yooco.org/templates/core/images/rounded/shadow_black_5.png
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd7c72b4fa4f190d7ed664d78eccacaf5402b1b8a1308298a86c9598d08f61bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"5998c29e-3f0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qXWf5TmZ2cmM01rnl%2BUKk9kJz93KJmDUlfvi%2Fkk6rQhpGHjVRa2YKOoPqBxokdKplyGN2%2BuDP3ksIvn4%2FZ99Z3%2B%2F%2BfFIijSVeH40bICCPLrzDdLRJX%2BPOn0Fo1PQ81a2bP49G5BhUd18iznuiT3Ay9mcMGWZ"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3721720cd6e508-TXL
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=22158&min_rtt=16279&rtt_var=10790&sent=52&recv=45&lost=0&retrans=0&sent_bytes=36951&recv_bytes=3944&delivery_rate=1233135&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=694&x=0"
content-length
1008
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
image/png
last-modified
Sat, 19 Aug 2017 22:58:38 GMT
vary
Accept-Encoding
server
cloudflare
navi_separator.png
valleysecrets.yooco.org/templates/core/images/rounded/
933 B
1 KB
Image
General
Full URL
https://valleysecrets.yooco.org/templates/core/images/rounded/navi_separator.png
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ba45a8b5b6e186f324579edcfd0c4f43edab220be24d412db9c88e5bfac4988

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"5998c29e-3a5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kACnYI6%2B2nDDuYD7qip3RfVVJ%2FWmfgfhDJdW%2Bbdh6cCLi2NLtYjuuU22yGhT%2BSuSKlCEL%2FLpRdFN%2F6C0zY1F%2FIen%2FxTgjvqVVl%2Bwk4cDFZ2NRymYcTtEBqAIqKrms5vIno%2BKrgmSeiH82CbB6WLwbdAJSund"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3721720cd7e508-TXL
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=22158&min_rtt=16279&rtt_var=10790&sent=49&recv=45&lost=0&retrans=0&sent_bytes=35415&recv_bytes=3944&delivery_rate=1233135&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=693&x=0"
content-length
933
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
image/png
last-modified
Sat, 19 Aug 2017 22:58:38 GMT
vary
Accept-Encoding
server
cloudflare
shadow_white_25.png
valleysecrets.yooco.org/templates/core/images/rounded/
955 B
1 KB
Image
General
Full URL
https://valleysecrets.yooco.org/templates/core/images/rounded/shadow_white_25.png
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7b67e24737b24472de446dd162c77092284c8f67bce63bafbb4482513097d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"5998c29e-3bb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q43MU86oZBCkpPR32T7fGBdHWJsORTdc%2F5LoWLfohYdc2DeSGaHjhHs7kLiWJR%2BC60Z7v8mi53LOZLNbguOOkRNkOgrjKr%2FcvmpnYmtFmpasOgl9PnrxNCyN1pl%2BDdNKCSq%2FiJtFkZe83I1xxNligqVZeyLY"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3721720cd9e508-TXL
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=22158&min_rtt=16279&rtt_var=10790&sent=55&recv=45&lost=0&retrans=0&sent_bytes=38543&recv_bytes=3944&delivery_rate=1233135&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=695&x=0"
content-length
955
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
image/png
last-modified
Sat, 19 Aug 2017 22:58:38 GMT
vary
Accept-Encoding
server
cloudflare
px_black_10.png
valleysecrets.yooco.org/templates/core/images/rounded/
921 B
1 KB
Image
General
Full URL
https://valleysecrets.yooco.org/templates/core/images/rounded/px_black_10.png
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d097b110a9672ee689906c6a67647f05a536f20046c3c6daf6b228af908e5fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"5998c29e-399"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bbHcodwL30QaKlMFwBDLxkffHa7j4O9naCW%2BOcepksuFlDC1FAgtQCmJFeVfPhBlQGfoCXiLspiph3P8rCF9TA4rEfPk0PEUFDsp6EjlFHrxULPyERzKqApn%2FE4zITartBcO1ixWJJFoh6LZDDjnnUc1aDxE"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3721720cdbe508-TXL
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=22158&min_rtt=16279&rtt_var=10790&sent=61&recv=45&lost=0&retrans=0&sent_bytes=40655&recv_bytes=3944&delivery_rate=1233135&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=700&x=0"
content-length
921
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
image/png
last-modified
Sat, 19 Aug 2017 22:58:38 GMT
vary
Accept-Encoding
server
cloudflare
px_black_15.png
valleysecrets.yooco.org/templates/core/images/rounded/
921 B
1 KB
Image
General
Full URL
https://valleysecrets.yooco.org/templates/core/images/rounded/px_black_15.png
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc7a34a9fe37bb5ab96eb3883b4a9648b7d38bef7d7f20135745a66efaa2d0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"5998c29e-399"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f90GGOnbavbd3JGgzSEGDpipRB5xM1uQQj61xNEQoVYy%2Be8GHf2RxqyfXb1M%2Fa4NbGhQMZoq4EzimMhrMnJlFhsvUboQc3v8GQOnmXpJSbdr4SOm64k8RNGz9t1w3eITpZ%2BRujQHoTr1%2BQWqLf6d1tUKyUHe"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3721720cdde508-TXL
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=22158&min_rtt=16279&rtt_var=10790&sent=64&recv=45&lost=0&retrans=0&sent_bytes=42131&recv_bytes=3944&delivery_rate=1233135&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=704&x=0"
content-length
921
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
image/png
last-modified
Sat, 19 Aug 2017 22:58:38 GMT
vary
Accept-Encoding
server
cloudflare
bg_input.gif
valleysecrets.yooco.org/templates/core/images/
96 B
564 B
Image
General
Full URL
https://valleysecrets.yooco.org/templates/core/images/bg_input.gif
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2288efc3fab74e077a88dbc38733cf6f1fddb5cf54d86356c9a395d58f491f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/templates/core/general-rounded-user-a-min.css?13040901&15030401

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"5998c29e-60"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NKPUZLpY%2BBkQC9sZErrBAPLxBf9Gmq6mb4K1uPXkfFpeuqlehVjN69fhSLinrqEfreTbXH%2BmFk%2F6ZzkgK2NrEoCaeP6VoMMFRsYgY2twewjjRXmkDabvBkGMAh7%2Fus9GqflT0%2BjksFvZ6GyDaRj6A6X4QXNv"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3721720cdee508-TXL
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=22158&min_rtt=16279&rtt_var=10790&sent=58&recv=45&lost=0&retrans=0&sent_bytes=40025&recv_bytes=3944&delivery_rate=1233135&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=695&x=0"
content-length
96
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
image/gif
last-modified
Sat, 19 Aug 2017 22:58:38 GMT
vary
Accept-Encoding
server
cloudflare
523091.js
valleysecrets.yooco.org/t/en/
0
535 B
Script
General
Full URL
https://valleysecrets.yooco.org/t/en/523091.js?442279365071549524
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5eF1odKygcmtwnpNoTLG0oKDBr2lqO5FdH8hqO%2FgHng3%2B65gHyIWYJ0We40XFqflb%2FiR73BPWRs%2B5Usu%2BHHTIw45D4CSDOx%2BkSxCd%2FfZ%2B7bCR4m7anZBuL9L4q5%2BpnwgHXurh%2BZdVqW2vgoztULDlFwtsDkA"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3721721d31e508-TXL
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=17424&min_rtt=16229&rtt_var=1818&sent=67&recv=62&lost=0&retrans=0&sent_bytes=43568&recv_bytes=3944&delivery_rate=1233135&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=721&x=0"
content-length
0
date
Tue, 17 Dec 2024 13:06:28 GMT
content-type
application/javascript
last-modified
Tue, 17 Dec 2024 13:06:28 GMT
vary
Accept-Encoding
server
cloudflare
us-160x600-1.gif
valleysecrets.yooco.org/ads/yooco/ Frame 79F5
59 KB
59 KB
Image
General
Full URL
https://valleysecrets.yooco.org/ads/yooco/us-160x600-1.gif
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/banner.php?s=160x600&us=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d37f7c2400464cce4f6020d7a122d13b9701e402402eea9f5f2fb0d490d70952

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/banner.php?s=160x600&us=1

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"5998c29d-ea5d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=16%2FhbyD7s9ev4UHWCoWh%2BeBGt3V1lbyZjU52o5WznLVCjvgjtpNDQCqWDF1AXwcPoUehnl9WhTD8UOY1NwEbBrQK6T%2BLsQpSHDyALBPz7DmZO3ulwXnij2ROOOkRLpgs04xyoor8RA2eSsXt%2Bf7WTQryq2m0"}],"group":"cf-nel","max_age":604800}
cf-ray
8f372172dfd9e508-TXL
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=20918&min_rtt=16229&rtt_var=6029&sent=73&recv=67&lost=0&retrans=0&sent_bytes=45397&recv_bytes=4143&delivery_rate=1233135&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=862&x=0"
content-length
59997
date
Tue, 17 Dec 2024 13:06:29 GMT
content-type
image/gif
last-modified
Sat, 19 Aug 2017 22:58:37 GMT
vary
Accept-Encoding
server
cloudflare
ajs.php
cas.criteo.com/delivery/ Frame 79F5
1 B
56 B
Script
General
Full URL
https://cas.criteo.com/delivery/ajs.php?zoneid=148917&nodis=1&cb=41214565663&exclude=undefined&charset=UTF-8&loc=https%3A//valleysecrets.yooco.org/banner.php%3Fs%3D160x600%26us%3D1&referer=https%3A//valleysecrets.yooco.org/
Requested by
Host: valleysecrets.yooco.org
URL: https://valleysecrets.yooco.org/banner.php?s=160x600&us=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::a , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/

Response headers

expires
-1
content-type
text/html
cache-control
private, max-age=0
favicon.ico
valleysecrets.yooco.org/
5 KB
2 KB
Other
General
Full URL
https://valleysecrets.yooco.org/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:968 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
546f9f9aeac56d09ce4e3f308144147821375bf715930fe0c8a06fa5bf78de6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://valleysecrets.yooco.org/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NehChouAD%2FnPZZqcZu7Rp9p3tsTHDI%2FBXW0LtI%2By2N2JpvA%2BHhS7QKxgLTT8rbYxjfWRtSPQP9EXxJSm3gjGRT8rjkiij%2F3r1fEGFzVeoNLf7hf1EDdwmYApESrcXGtLMPyo0NlTm88ZJoNjRzDw7xvjL2%2BV"}],"group":"cf-nel","max_age":604800}
cf-ray
8f372173db68e508-TXL
server-timing
cfL4;desc="?proto=TCP&rtt=17032&min_rtt=16229&rtt_var=416&sent=124&recv=90&lost=0&retrans=0&sent_bytes=106358&recv_bytes=4214&delivery_rate=3740288&cwnd=256&unsent_bytes=0&cid=0f951c2c3e22f541&ts=993&x=0"
date
Tue, 17 Dec 2024 13:06:29 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| Prototype object| Abstract object| Try object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Ajax function| $ object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $$ function| Selector object| Scriptaculous object| Effect object| Droppables object| Draggables function| Draggable function| SortableObserver object| Sortable object| Shadowbox function| sendPing function| initPing function| processPong function| setMyAccountActive function| setMyAccountInactive function| toggleMyAccount function| hideMyAccount function| popupWriteIM function| popupEditSidebarModule function| popupHelpVideo function| popupWindow function| textCounter function| htmlspecialchars function| showBox function| showImgBox function| showPrivChatRequest function| openPrivChat object| s

5 Cookies

Domain/Path Name / Value
valleysecrets.yooco.org/ Name: PHPSESSID
Value: 1be2e1d7d5cd5175725d20d4fec5789e
valleysecrets.yooco.org/ Name: uh
Value: 47057d6e039e8ff887b450612c31e0ff7a79e0f7
valleysecrets.yooco.org/ Name: lang_id
Value: 4
.valleysecrets.yooco.org/ Name: lachan
Value: %5B32%5D
valleysecrets.yooco.org/ Name: SRV
Value: srv4

6 Console Messages

Source Level URL
Text
javascript warning URL: https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?load=effects,dragdrop(Line 30)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/effects.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?load=effects,dragdrop(Line 30)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/effects.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?load=effects,dragdrop(Line 30)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/dragdrop.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other verbose URL: https://valleysecrets.yooco.org/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq)
recommendation verbose URL: https://valleysecrets.yooco.org/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://valleysecrets.yooco.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
