www.secret-opportunity.com Open in urlscan Pro
2600:9000:234b:bc00:7:edbe:8fc0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://prosperitedigitale33347.activehosted.com/lt.php?x=3DZy~GDDV3Cf6836_dPOUhJx2KJVjNH2v-djZKXLI3bM6HKvzEy.0.Jv2n7zidL2k_Y1bHjJJnm
Effective URL:
https://www.secret-opportunity.com/fr-t2/contrat/etape1
Submission: On January 03 via api (January 3rd 2025, 7:07:39 am UTC) from US — Scanned from NZ

Summary HTTP 40 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 40 HTTP transactions. The main IP is 2600:9000:234b:bc00:7:edbe:8fc0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.secret-opportunity.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on June 13th 2024. Valid for: a year.

This is the only time www.secret-opportunity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6811:cd1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:234... 2600:9000:234b:bc00:7:edbe:8fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:25f... 2600:9000:25f2:3000:1c:d937:ae40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:221... 2600:9000:2215:c000:2:5a9d:3800:21	16509 (AMAZON-02) (AMAZON-02)
5	44.193.127.81 44.193.127.81	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.66.232 142.250.66.232	15169 (GOOGLE) (GOOGLE)
4	2600:9000:277... 2600:9000:2774:4800:f:e793:dc40:21	16509 (AMAZON-02) (AMAZON-02)
3	142.251.221.68 142.251.221.68	15169 (GOOGLE) (GOOGLE)
2	142.250.66.194 142.250.66.194	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
3	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
2	142.250.204.3 142.250.204.3	15169 (GOOGLE) (GOOGLE)
1	18.67.110.104 18.67.110.104	16509 (AMAZON-02) (AMAZON-02)
4	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:277... 2600:9000:2774:3000:a:625d:b500:21	16509 (AMAZON-02) (AMAZON-02)
2	44.210.6.48 44.210.6.48	14618 (AMAZON-AES) (AMAZON-AES)
40	16

1 2606:4700::6811:cd1f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prosperitedigitale33347.activehosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:234b:bc00:7:edbe:8fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.secret-opportunity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25f2:3000:1c:d937:ae40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3fit27i5nzkqh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4006:80f::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2215:c000:2:5a9d:3800:21 (United States)

ASN16509 (AMAZON-02, US)

d33vglzdi1uj1c.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.193.127.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-127-81.compute-1.amazonaws.com

208771.t.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.66.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2774:4800:f:e793:dc40:21 (United States)

ASN16509 (AMAZON-02, US)

d3syewzhvzylbl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.221.68 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:80f::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net

www.google.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.110.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-104.syd62.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2774:3000:a:625d:b500:21 (United States)

ASN16509 (AMAZON-02, US)

d2543nuuc0wvdg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.210.6.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-6-48.compute-1.amazonaws.com

lg.hyr.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cloudfront.net d3fit27i5nzkqh.cloudfront.net d33vglzdi1uj1c.cloudfront.net d3syewzhvzylbl.cloudfront.net d2543nuuc0wvdg.cloudfront.net	750 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	434 KB
5	hyros.com 208771.t.hyros.com	87 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	425 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182	4 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	78 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3	128 B
2	hyr.so lg.hyr.so — Cisco Umbrella Rank: 38716	384 B
2	google.co.nz www.google.co.nz — Cisco Umbrella Rank: 41106	128 B
1	stripe.com js.stripe.com — Cisco Umbrella Rank: 1073	167 KB
1	secret-opportunity.com www.secret-opportunity.com	14 KB
1	activehosted.com 1 redirects prosperitedigitale33347.activehosted.com	810 B
40	12

	Domain	Requested by
6	www.googletagmanager.com	www.secret-opportunity.com www.googletagmanager.com
5	208771.t.hyros.com	www.secret-opportunity.com 208771.t.hyros.com
4	www.facebook.com	www.secret-opportunity.com
4	d3syewzhvzylbl.cloudfront.net	www.secret-opportunity.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.google.com	www.googletagmanager.com www.secret-opportunity.com
3	d33vglzdi1uj1c.cloudfront.net	www.secret-opportunity.com
2	lg.hyr.so	208771.t.hyros.com
2	www.google.co.nz	www.secret-opportunity.com
2	td.doubleclick.net	www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
1	d2543nuuc0wvdg.cloudfront.net
1	js.stripe.com	d33vglzdi1uj1c.cloudfront.net
1	d3fit27i5nzkqh.cloudfront.net	www.secret-opportunity.com
1	www.secret-opportunity.com
1	prosperitedigitale33347.activehosted.com	1 redirects
40	16

This site contains links to these domains. Also see Links.

Domain
www.liberte-intemporelle.fr

Subject Issuer	Validity	Valid
secret-opportunity.com Amazon RSA 2048 M03	`2024-06-13` - `2025-07-12`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
t.hyros.com Amazon RSA 2048 M03	`2024-12-23` - `2026-01-21`	a year	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-12` - `2025-01-10`	3 months	crt.sh
*.google.co.nz WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-12-16` - `2025-04-03`	4 months	crt.sh
hyr.so Amazon RSA 2048 M02	`2024-12-12` - `2026-01-09`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.secret-opportunity.com/fr-t2/contrat/etape1
Frame ID: 377069D5EC219FDF456B322D704B2C73
Requests: 34 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11012937004?random=1735888053780&cv=11&fst=1735888053780&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v895962660za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&hn=www.googleadservices.com&frm=0&tiba=URGENT&npa=0&pscdl=noapi&auid=1766711170.1735888054&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 8DAD3EAE32331623A941FF9373AF12CD
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.secret-opportunity.com
Frame ID: 5CFAC41EF3839D28F193E5B9E3761967
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11492632714?random=1735888053925&cv=11&fst=1735888053925&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb895962660&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&hn=www.googleadservices.com&frm=0&tiba=URGENT&npa=0&pscdl=noapi&auid=1766711170.1735888054&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: B0C05F9CFC70CEAF3E6624BC13955192
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

URGENT

Page URL History Show full URLs

https://prosperitedigitale33347.activehosted.com/lt.php?x=3DZy~GDDV3Cf6836_dPOUhJx2KJVjNH2v-djZKXLI3bM6HKvzEy.0.Jv2n7zidL2k_Y... HTTP 302
https://www.secret-opportunity.com/fr-t2/contrat/etape1 Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

40
Requests

100 %
HTTPS

47 %
IPv6

12
Domains

16
Subdomains

16
IPs

2
Countries

1535 kB
Transfer

4973 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liberte-intemporelle.fr/pdc01-e3881c5a
Title: Politique de confidentialité

Search URL Search Domain Scan URL

URL: https://www.liberte-intemporelle.fr/cgv-1-2ad172db
Title: Conditions générales de vente et d'utilisation

Search URL Search Domain Scan URL

URL: https://www.liberte-intemporelle.fr/avertissements-1-7cea8f58
Title: Avertissement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://prosperitedigitale33347.activehosted.com/lt.php?x=3DZy~GDDV3Cf6836_dPOUhJx2KJVjNH2v-djZKXLI3bM6HKvzEy.0.Jv2n7zidL2k_Y1bHjJJnm HTTP 302
https://www.secret-opportunity.com/fr-t2/contrat/etape1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request etape1 Show response
www.secret-opportunity.com/fr-t2/contrat/
Redirect Chain

https://prosperitedigitale33347.activehosted.com/lt.php?x=3DZy~GDDV3Cf6836_dPOUhJx2KJVjNH2v-djZKXLI3bM6HKvzEy.0.Jv2n7zidL2k_Y1bHjJJnm
https://www.secret-opportunity.com/fr-t2/contrat/etape1

64 KB
14 KB

1481ms
540ms

Document
text/html

2600:9000:234b:bc00:7:edbe:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:234b:bc00:7:edbe:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

9b9d3c91cec5e3c20dec23079adc7f69d1fa36786ae57a62fcdb3b5356e9066c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 03 Jan 2025 07:07:32 GMT
server: nginx/1.24.0
vary: Accept-Encoding
via: 1.1 442d080ad536f368b087d8fa4ff33ee6.cloudfront.net (CloudFront)
x-amz-cf-id: 5ANWjdc_Q4dyNv-tFJW078Fj2WSmBxSA87Q1udtDqVrtuR726tppVw==
x-amz-cf-pop: SFO5-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8fc126fd5ca8d9a3-AKL
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 03 Jan 2025 07:07:31 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://www.secret-opportunity.com/fr-t2/contrat/etape1
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
x-request-id: c3d88e3693d3c1b00da839aec1f562fc
x-robots-tag: noindex

GET
H2 200 all.min.css
d3fit27i5nzkqh.cloudfront.net/assets/css/ 486 KB
87 KB 629ms
226ms Stylesheet
text/css 2600:9000:25f2:3000:1c:d937:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Requested by: Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25f2:3000:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

cache-control: max-age=31536000,public
content-encoding: br
etag: W/"325672b036bab9b57f6873aed5eccc43"
age: 4498368
via: 1.1 6b195068aea9dae53cab6ca0716fb2f6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 0JLOgvyHiWFCj03EhxzX2AMRWjyNJFl_NU2PbJ5p187A71pOPHtv1g==
date: Tue, 12 Nov 2024 05:34:46 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 12:25:57 GMT
server: AmazonS3
x-amz-cf-pop: SFO53-P6
vary: accept-encoding, Origin

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
92 KB 433ms
199ms Script
application/javascript 2404:6800:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11012937004

Requested by

Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32422dd0c48035653e99b7a340cb75fbd4a533f2d32d9e0f21c5c9b52fb61e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 03 Jan 2025 07:07:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 07:07:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 03 Jan 2025 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93755
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
98 KB 182ms
181ms Script
application/javascript 2404:6800:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11492632714

Requested by

Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1787069d78312718f37fd7cd3cc5c8a25199c8fbe861e442927db69a07b42b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 03 Jan 2025 07:07:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 07:07:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 03 Jan 2025 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100025
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 runtime.5b9b08486eb6a6315d39.js Show response
d33vglzdi1uj1c.cloudfront.net/ 3 KB
2 KB 222ms
70ms Script
application/x-javascript 2600:9000:2215:c000:2:5a9d:3800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33vglzdi1uj1c.cloudfront.net/runtime.5b9b08486eb6a6315d39.js
Requested by: Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2215:c000:2:5a9d:3800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5f890d304a41e247309b08aa70cdad3145706151b56059098ca8887094693a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: gzip
x-amz-meta-codebuild-content-md5: 080edf141fa5f8eff2c9ca2ede6cf1f0
etag: W/"12d74e7c990c2e277e66b4ae3cf11534"
age: 78690
x-cache: Hit from cloudfront
x-amz-cf-id: ZFhmJPpfDfANKtM-XEYmV9hcfvnUs6gCR3YGVxAfZNCGvy_BRrALeg==
date: Thu, 02 Jan 2025 09:16:04 GMT
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:9003e980-fbfa-4858-be31-d33c8cbe0c6d
vary: accept-encoding, Origin
content-type: application/x-javascript
last-modified: Fri, 27 Dec 2024 10:53:41 GMT
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
server: AmazonS3
x-amz-meta-codebuild-content-sha256: 95370a6d152224505b2b2fd110920f651ed22a19015291a6568c814bea790caa
x-amz-server-side-encryption: AES256

GET
H2 200 page.6cbedd61ba4cfaf6f8fd.js Show response
d33vglzdi1uj1c.cloudfront.net/ 1 MB
202 KB 218ms
82ms Script
application/x-javascript 2600:9000:2215:c000:2:5a9d:3800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33vglzdi1uj1c.cloudfront.net/page.6cbedd61ba4cfaf6f8fd.js
Requested by: Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2215:c000:2:5a9d:3800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29b95f6c587699e55285f1570f36eb3403d06dd1ee71efce6dddd16d70ae729f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: gzip
x-amz-meta-codebuild-content-md5: a98d4810b11a89409259c9aebf14bda7
etag: W/"908a56d2ae8664ca09655d21ef038c5d"
age: 76796
x-cache: Hit from cloudfront
x-amz-cf-id: pxtzvFSJdz12OeJk-WbMo3ofdwZgSUvkfhmkOtak1mtonpCkcAM3ew==
date: Thu, 02 Jan 2025 09:47:38 GMT
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:b4bc5bb2-5c18-42df-a6cf-2229eb879cf3
vary: accept-encoding, Origin
content-type: application/x-javascript
last-modified: Fri, 27 Dec 2024 08:48:45 GMT
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
server: AmazonS3
x-amz-meta-codebuild-content-sha256: 5e71d9c39203ca5611dc44dab207ba9e092667b7c549b2719670b94f21d61327
x-amz-server-side-encryption: AES256

GET
H2 200 vendors~page.1a6e6e90d905f027a993.js Show response
d33vglzdi1uj1c.cloudfront.net/ 808 KB
243 KB 418ms
282ms Script
application/x-javascript 2600:9000:2215:c000:2:5a9d:3800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.1a6e6e90d905f027a993.js
Requested by: Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2215:c000:2:5a9d:3800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55b69dbd40c5e9ae07487a0258cdaedb329286d46bda837e8b5ec7b11c11b5f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: gzip
x-amz-meta-codebuild-content-md5: 080edf141fa5f8eff2c9ca2ede6cf1f0
etag: W/"dd136cd7aa920e8f9735bdd278033264"
age: 40924
x-cache: Hit from cloudfront
x-amz-cf-id: 1dTj6Ey1i_iGIEj9xG0GBTGHnKBpNbYrG9z_lc8PRgJ1_JMEa5Clhw==
date: Thu, 02 Jan 2025 19:45:29 GMT
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:9003e980-fbfa-4858-be31-d33c8cbe0c6d
vary: accept-encoding, Origin
content-type: application/x-javascript
last-modified: Fri, 27 Dec 2024 10:53:42 GMT
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
server: AmazonS3
x-amz-meta-codebuild-content-sha256: 95370a6d152224505b2b2fd110920f651ed22a19015291a6568c814bea790caa
x-amz-server-side-encryption: AES256

GET
H2 200 universal-script Show response
208771.t.hyros.com/v1/lst/ 86 KB
87 KB 788ms
269ms Script
text/javascript 44.193.127.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://208771.t.hyros.com/v1/lst/universal-script?ph=4062d3b10619bc0b3bb641a9fa49edec475c5ddf2b9f66e1e579163c7b63b25e&tag=!clicked&ref_url=https://www.secret-opportunity.com/fr-t2/contrat/etape1

Requested by

Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.127.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-127-81.compute-1.amazonaws.com

Software

Resource Hash

258ead614d5eda85ad55c4045a485f3af00fde92b8ebc9176863683054503868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
access-control-expose-headers: Session-ID, L-Gen-ID
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-length: 88206
date: Fri, 03 Jan 2025 07:07:34 GMT
content-type: text/javascript;charset=ISO-8859-1

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
73 KB 184ms
183ms Script
application/javascript 142.250.66.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBF3T9Z

Requested by

Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

15b8a8afe59c8ad1bed75055ee5040674872e1b9b7b7cd0c1a6f3cef38e55289

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 03 Jan 2025 07:07:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 07:07:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 03 Jan 2025 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 74590
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
73 KB 191ms
191ms Script
application/javascript 142.250.66.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MPH7RPBB

Requested by

Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8493f5a950c5eb6615f29a10225aadc2e6c1d177fd512f3359e57eadfb6b4764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 03 Jan 2025 07:07:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 07:07:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 03 Jan 2025 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 74599
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/lato/ 27 KB
27 KB 289ms
139ms Font
font/woff2 2600:9000:2774:4800:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/lato/regular.woff2
Requested by: Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2774:4800:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1d54c74d19f494918ce108f22448fdde7fa80859353844f2567edb9915f8e29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secret-opportunity.com
Referer: https://www.secret-opportunity.com/

Response headers

access-control-max-age: 31536000
etag: "bff0b0a5b744de3f7e529207a402e3a7"
age: 10737
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: T4Q_T9fo7CSV7aeXy7njasAXBYfEqaPSqvumyCP_a8mm9Gu2EHgb_A==
date: Fri, 03 Jan 2025 04:10:01 GMT
content-type: font/woff2
vary: accept-encoding
last-modified: Fri, 14 Apr 2023 06:24:09 GMT
via: 1.1 1a3ae026221703eb33062b70eac5e094.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27260
x-amz-cf-pop: SYD62-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 700italic.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/lato/ 28 KB
28 KB 221ms
72ms Font
font/woff2 2600:9000:2774:4800:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/lato/700italic.woff2
Requested by: Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2774:4800:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec4c9dae262a22184820394a4a02aab81c1b4f398bb4f047e8fe910c7be43e58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secret-opportunity.com
Referer: https://www.secret-opportunity.com/

Response headers

access-control-max-age: 31536000
etag: "28c6db7fae3158bc192d4e5036e1713f"
age: 14051
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: 5MmXcNAd7YX2K4HAV6KeDudGh34rfBlc39zZsAxcyviwVR__DfgzEQ==
date: Fri, 03 Jan 2025 03:13:22 GMT
content-type: font/woff2
vary: accept-encoding
last-modified: Fri, 14 Apr 2023 06:24:08 GMT
via: 1.1 1a3ae026221703eb33062b70eac5e094.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28360
x-amz-cf-pop: SYD62-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/lato/ 26 KB
26 KB 221ms
72ms Font
font/woff2 2600:9000:2774:4800:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/lato/700.woff2
Requested by: Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2774:4800:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60eecd68a7969e3c408c459cfe5190a95d800fcc52508630b44f7e9b6899c4a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secret-opportunity.com
Referer: https://www.secret-opportunity.com/

Response headers

access-control-max-age: 31536000
etag: "26929ed1cf1c4a2da9d6857efc027bfb"
age: 20510
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: aUNrP2zGV6P6kKp_KfMx46l2YZXfuNpJk67JWXTP962bNVOUAuLP6Q==
date: Fri, 03 Jan 2025 01:25:44 GMT
content-type: font/woff2
vary: accept-encoding
last-modified: Fri, 14 Apr 2023 06:24:08 GMT
via: 1.1 1a3ae026221703eb33062b70eac5e094.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26544
x-amz-cf-pop: SYD62-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 italic.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/lato/ 28 KB
28 KB 291ms
143ms Font
font/woff2 2600:9000:2774:4800:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/lato/italic.woff2
Requested by: Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2774:4800:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b8e85a03c7739b372cd8d60841dfb8a9c94694e97fc79e09273d56d212e238c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.secret-opportunity.com
Referer: https://www.secret-opportunity.com/

Response headers

access-control-max-age: 31536000
etag: "f0048c6423092eb08c211e7b0a2e1e3e"
age: 37158
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: 7aVgKatNW3SRKXQtqLjt5aCJxGo99385m7YDgE5p4NmUsM-naGHWpw==
date: Thu, 02 Jan 2025 20:49:09 GMT
content-type: font/woff2
vary: accept-encoding
last-modified: Fri, 14 Apr 2023 06:24:08 GMT
via: 1.1 1a3ae026221703eb33062b70eac5e094.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28232
x-amz-cf-pop: SYD62-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H3 200 collect
www.google.com/ccm/ 0
0 333ms
167ms Ping
text/plain 142.251.221.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&scrsrc=www.googletagmanager.com&frm=0&rnd=637617281.1735888054&dt=URGENT&auid=1766711170.1735888054&navt=n&npa=0&gtm=45be4cc1v895962660za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735888053786&tfd=3107&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11012937004
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.221.68 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11012937004/ 5 KB
2 KB 350ms
185ms Script
text/javascript 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11012937004/?random=1735888053780&cv=11&fst=1735888053780&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v895962660za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&hn=www.googleadservices.com&frm=0&tiba=URGENT&npa=0&pscdl=noapi&auid=1766711170.1735888054&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11012937004

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e5f43481f4a5e9b4e61456372b93b8219bc999f24082d7a0e73a6d7832cec5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2265
date: Fri, 03 Jan 2025 07:07:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 11012937004
td.doubleclick.net/td/rul/ Frame 8DAD 0
0 409ms
177ms Document
text/html 2404:6800:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11012937004?random=1735888053780&cv=11&fst=1735888053780&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v895962660za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&hn=www.googleadservices.com&frm=0&tiba=URGENT&npa=0&pscdl=noapi&auid=1766711170.1735888054&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11012937004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secret-opportunity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jan 2025 07:07:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
98 KB 238ms
238ms Script
application/javascript 142.250.66.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11492632714&l=dataLayer&cx=c&gtm=45be4cc1v895962660za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11012937004

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2d706ae3bbe75bd80bac7475f7e979ecb5e198d6f0e802a34f00c06a8d9520bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 03 Jan 2025 07:07:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 07:07:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 03 Jan 2025 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100129
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 5CFA 0
0 299ms
70ms Document
text/html 2404:6800:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.secret-opportunity.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11012937004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 453609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Dec 2024 01:07:25 GMT
expires: Mon, 29 Dec 2025 01:07:25 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11492632714/ 5 KB
2 KB 203ms
181ms Script
text/javascript 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11492632714/?random=1735888053925&cv=11&fst=1735888053925&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb895962660&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&hn=www.googleadservices.com&frm=0&tiba=URGENT&npa=0&pscdl=noapi&auid=1766711170.1735888054&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11492632714

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

33447c5487d9aa12e869026a10ca3b8ab7d74c8cc5d9ed0abb5276d49fd173b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2270
date: Fri, 03 Jan 2025 07:07:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 11492632714
td.doubleclick.net/td/rul/ Frame B0C0 0
0 268ms
178ms Document
text/html 2404:6800:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11492632714?random=1735888053925&cv=11&fst=1735888053925&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb895962660&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&hn=www.googleadservices.com&frm=0&tiba=URGENT&npa=0&pscdl=noapi&auid=1766711170.1735888054&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11492632714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secret-opportunity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jan 2025 07:07:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 149ms
71ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBF3T9Z

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

4b851bd9af5635c2682387427eb718d453b8e7aeefdbb01c8521ab32a49004b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-XCKtYzA7' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 03 Jan 2025 07:07:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-XCKtYzA7' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=23, mss=1232, tbw=4522, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 6eZ/KiBi7RW3zDRjfY3O0okPyREd5ZkUfcZy/99FbXYFXPlK4JU77IAOxE6PLU9RAh1dLANbF2rUVZ/sG3fJSw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62279
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.google.com/pagead/1p-user-list/11012937004/ 42 B
64 B 172ms
171ms Image
image/gif 142.251.221.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11012937004/?random=1735888053780&cv=11&fst=1735887600000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v895962660za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&hn=www.googleadservices.com&frm=0&tiba=URGENT&npa=0&pscdl=noapi&auid=1766711170.1735888054&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7d2vaE71fSav5NrgMPC1NK00jNxiPh6w&random=1749580472&rmt_tld=0&ipr=y

Requested by

Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.68 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 03 Jan 2025 07:07:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.nz/pagead/1p-user-list/11012937004/ 42 B
64 B 337ms
171ms Image
image/gif 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.nz/pagead/1p-user-list/11012937004/?random=1735888053780&cv=11&fst=1735887600000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v895962660za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&hn=www.googleadservices.com&frm=0&tiba=URGENT&npa=0&pscdl=noapi&auid=1766711170.1735888054&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7d2vaE71fSav5NrgMPC1NK00jNxiPh6w&random=1749580472&rmt_tld=1&ipr=y

Requested by

Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 03 Jan 2025 07:07:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/11492632714/ 42 B
64 B 172ms
171ms Image
image/gif 142.251.221.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11492632714/?random=1735888053925&cv=11&fst=1735887600000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb895962660&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&hn=www.googleadservices.com&frm=0&tiba=URGENT&npa=0&pscdl=noapi&auid=1766711170.1735888054&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dEYZFdfgwrRg6tBAYoAMXivFT1Rudfg&random=3444099761&rmt_tld=0&ipr=y

Requested by

Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.68 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 03 Jan 2025 07:07:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.nz/pagead/1p-user-list/11492632714/ 42 B
64 B 335ms
170ms Image
image/gif 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.nz/pagead/1p-user-list/11492632714/?random=1735888053925&cv=11&fst=1735887600000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200zb895962660&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&hn=www.googleadservices.com&frm=0&tiba=URGENT&npa=0&pscdl=noapi&auid=1766711170.1735888054&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dEYZFdfgwrRg6tBAYoAMXivFT1Rudfg&random=3444099761&rmt_tld=1&ipr=y

Requested by

Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 03 Jan 2025 07:07:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 v3 Show response
js.stripe.com/ 694 KB
167 KB 244ms
80ms Script
text/javascript 18.67.110.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.1a6e6e90d905f027a993.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.110.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-110-104.syd62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

49eb91ccb014544e86ffd670d8f1f1c2048d59e663c41655ad02651b0a1e302f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: br
etag: W/"057d0c0fbd2c6945e582717c1b7e7e73"
age: 10
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: gLt7j9BGLw4sLLenYWKbLDmfNeBri3bD4oszdFma38erIS_8z8y2-Q==
date: Fri, 03 Jan 2025 07:07:25 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 23 Dec 2024 22:36:49 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SYD62-P2
server: Cloudfront

GET
H3 200 990841722140272 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 346ms
346ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/990841722140272?v=2.9.179&r=stable&domain=www.secret-opportunity.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

502a27b300435518face98fdf2c6d62253d2d0a9839d2aa5afbfc0043add71f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-Aa969gG2' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 03 Jan 2025 07:07:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-Aa969gG2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=77, mss=1232, tbw=70506, tp=65, tpl=0, uplat=275, ullat=0
pragma: public
x-fb-debug: 9lixashns3cjEvanlFF5r8W7Psg00L3NSm3KSg0kI8uB8jRJKLPxJ8NT/ZLkXQPqGvMfyXzSATqdYjUI7oTubw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 957279179049028 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 353ms
352ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/957279179049028?v=2.9.179&r=stable&domain=www.secret-opportunity.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

1e38737cdbb393e299694fcbdd7458dcc04f31b7a91c12e5840672bc49ed9249

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-NCfS3RFa' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 03 Jan 2025 07:07:35 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-NCfS3RFa' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=89, mss=1232, tbw=85802, tp=81, tpl=0, uplat=281, ullat=0
pragma: public
x-fb-debug: kJaiuT4DRgsEFSMQ38d4LZBw3zgdOzr3fZLzrJtghglyvjdIct4uVPMcZ4UIuy2kTBH5DraMlDk+iBQn4CAY4Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 149ms
71ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=990841722140272&ev=PageView&dl=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&rl=&if=false&ts=1735888054857&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1735888054857.440735397573685316&ler=empty&cdl=API_unavailable&it=1735888054447&coo=false&tm=1&rqm=GET

Requested by

Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=23, mss=1232, tbw=4537, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 03 Jan 2025 07:07:34 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
202 B 413ms
335ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=990841722140272&ev=PageView&dl=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&rl=&if=false&ts=1735888054857&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1735888054857.440735397573685316&ler=empty&cdl=API_unavailable&it=1735888054447&coo=false&tm=1&rqm=FGET

Requested by

Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7455582425826241427"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 03 Jan 2025 07:07:35 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 0VuLUp77qIe7XCNQc6sp7bwRqZGB6aIvZDVICKU3dSa3qMBy2D+VLSJUVwhXIE2Nu04gqRDwQebevHLckfsxMg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7455582425826241427", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=23, mss=1232, tbw=4905, tp=13, tpl=0, uplat=264, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 gusid Show response
208771.t.hyros.com/v1/lst/ 0
536 B 261ms
260ms XHR
text/plain 44.193.127.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://208771.t.hyros.com/v1/lst/gusid

Requested by

Host: 208771.t.hyros.com
URL: https://208771.t.hyros.com/v1/lst/universal-script?ph=4062d3b10619bc0b3bb641a9fa49edec475c5ddf2b9f66e1e579163c7b63b25e&tag=!clicked&ref_url=https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.127.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-127-81.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Ref-Url: https://www.secret-opportunity.com/fr-t2/contrat/etape1
Referer: https://www.secret-opportunity.com/
Product-ID: 208771
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
fp: 5a442b9447fed32df39b4852b5daaae4

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
access-control-expose-headers: Session-ID, L-Gen-ID
etag: HB-ET_6002e87da1b25f9d05505605e60dc0a1c98c2754fb66794e08b052f200acdafb
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://www.secret-opportunity.com
content-length: 0
date: Fri, 03 Jan 2025 07:07:35 GMT
session-id: HB-ET_6002e87da1b25f9d05505605e60dc0a1c98c2754fb66794e08b052f200acdafb

OPTIONS
H2 200 gusid
208771.t.hyros.com/v1/lst/ Frame 0
0 762ms
254ms Preflight 44.193.127.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://208771.t.hyros.com/v1/lst/gusid

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.127.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-127-81.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: fp,product-id,ref-url
Access-Control-Request-Method: GET
Origin: https://www.secret-opportunity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: fp,product-id,ref-url
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://www.secret-opportunity.com
access-control-expose-headers: Session-ID, L-Gen-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length: 0
date: Fri, 03 Jan 2025 07:07:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 71ms
71ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=957279179049028&ev=PageView&dl=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&rl=&if=false&ts=1735888055217&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1735888054857.440735397573685316&ler=empty&cdl=API_unavailable&it=1735888054447&coo=false&tm=1&rqm=GET

Requested by

Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=23, mss=1232, tbw=8329, tp=19, tpl=0, uplat=0, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 03 Jan 2025 07:07:35 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
191 B 299ms
298ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=957279179049028&ev=PageView&dl=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&rl=&if=false&ts=1735888055217&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1735888054857.440735397573685316&ler=empty&cdl=API_unavailable&it=1735888054447&coo=false&tm=1&rqm=FGET

Requested by

Host: www.secret-opportunity.com
URL: https://www.secret-opportunity.com/fr-t2/contrat/etape1

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7455582427739349154"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 03 Jan 2025 07:07:35 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: BrI9jaLMm2vqfbUIv7vs03KgocpTE4/8owsDgP7SnbmfKrd4Vty13VXg6dE5rByCNZhsOYENcuqsVIehyzM/6g==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7455582427739349154", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=26, mss=1232, tbw=8537, tp=22, tpl=0, uplat=228, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 favicon.ico
d2543nuuc0wvdg.cloudfront.net/ 105 KB
106 KB 237ms
81ms Other
image/x-icon 2600:9000:2774:3000:a:625d:b500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2543nuuc0wvdg.cloudfront.net/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2774:3000:a:625d:b500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a3f31746c28415015a70910ee9cfbe1c02badc387864d917d12da0027f18c11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.secret-opportunity.com/

Response headers

etag: "f55949ec10d9a837c0602a861265edff"
age: 19690
via: 1.1 ece2a231e09716eb97b51099bf5928fe.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 107684
x-amz-cf-id: CoPXKjmsV5KU6X9Wgau5EnaykpgqJ6W7v2r7Uw75tcaCI4WrGcjrrw==
date: Fri, 03 Jan 2025 01:39:26 GMT
content-type: image/x-icon
last-modified: Fri, 21 May 2021 09:07:36 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P3
vary: accept-encoding

GET
H2 200 session Show response
lg.hyr.so/v1/lst/ 0
384 B 760ms
254ms XHR
text/plain 44.210.6.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://lg.hyr.so/v1/lst/session

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.210.6.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-210-6-48.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.secret-opportunity.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json; charset=utf-8
Access-Control-Allow-Headers: *

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
access-control-expose-headers: Session-ID, L-Gen-ID
etag: LS_7385af8692b4523446dda2e8f00853b2946a6cb98a7e4d960fc1d104a348b653
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://www.secret-opportunity.com
content-length: 0
date: Fri, 03 Jan 2025 07:07:37 GMT
l-gen-id: LS_7385af8692b4523446dda2e8f00853b2946a6cb98a7e4d960fc1d104a348b653

OPTIONS
H2 200 session
lg.hyr.so/v1/lst/ Frame 0
0 791ms
254ms Preflight 44.210.6.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://lg.hyr.so/v1/lst/session

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.210.6.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-210-6-48.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type
Access-Control-Request-Method: GET
Origin: https://www.secret-opportunity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://www.secret-opportunity.com
access-control-expose-headers: Session-ID, L-Gen-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length: 0
date: Fri, 03 Jan 2025 07:07:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 pc Show response
208771.t.hyros.com/v1/lst/ 117 B
431 B 262ms
262ms XHR
application/json 44.193.127.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://208771.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fwww.secret-opportunity.com%2Ffr-t2%2Fcontrat%2Fetape1&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&fp=5a442b9447fed32df39b4852b5daaae4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.127.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-127-81.compute-1.amazonaws.com

Software

Resource Hash

45d83a063546bafa5b56ace9119aee2ad8a6880ff9e3019614c3bb06ce4db855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Session-ID: HB-ET_6002e87da1b25f9d05505605e60dc0a1c98c2754fb66794e08b052f200acdafb
Referer: https://www.secret-opportunity.com/
Product-ID: 208771
Access-Control-Allow-Origin: *
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json; charset=utf-8
L-Gen-ID: LS_7385af8692b4523446dda2e8f00853b2946a6cb98a7e4d960fc1d104a348b653
Access-Control-Allow-Headers: *

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
access-control-expose-headers: Session-ID, L-Gen-ID
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://www.secret-opportunity.com
content-length: 117
date: Fri, 03 Jan 2025 07:07:38 GMT
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 pc
208771.t.hyros.com/v1/lst/ Frame 0
0 256ms
255ms Preflight 44.193.127.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.127.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-127-81.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
Access-Control-Request-Method: GET
Origin: https://www.secret-opportunity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://www.secret-opportunity.com
access-control-expose-headers: Session-ID, L-Gen-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length: 0
date: Fri, 03 Jan 2025 07:07:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
208771.t.hyros.com/v1/lst	1970-01-21 11:47:28	Name: __mh_tt_s Value: HB-ET_6002e87da1b25f9d05505605e60dc0a1c98c2754fb66794e08b052f200acdafb
prosperitedigitale33347.activehosted.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: f5e9cb3a08b778dd9fdb8387e378be35
.prosperitedigitale33347.activehosted.com/	1970-01-21 02:54:40	Name: cmp801421791 Value: 94811f2f0a2442ef8b3d89db101e7c69
.activehosted.com/	1970-01-21 02:11:29	Name: __cf_bm Value: 0Beh3iE70FXjSDL3k2RllLEIrqdLr1DoepVOMUec5ZI-1735888051-1.0.1.1-mD5tOk0R.0CzNAcatIKpyvJfBP8re346SQ7PVvrXQxrfueJ02cD8HfSVEsCGOrYSPhylR6oHSIqMuSvXt1WgbQ
www.secret-opportunity.com/	1970-01-21 11:47:28	Name: v Value: 01JGNFV8AMV6Q2KTMADR92FXYH
.secret-opportunity.com/	1970-01-21 04:21:04	Name: _gcl_au Value: 1.1.1766711170.1735888054
.doubleclick.net/	1970-01-21 02:11:28	Name: test_cookie Value: CheckForPermission
.secret-opportunity.com/	1970-01-21 04:21:04	Name: _fbp Value: fb.1.1735888054857.440735397573685316

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

208771.t.hyros.com
connect.facebook.net
d2543nuuc0wvdg.cloudfront.net
d33vglzdi1uj1c.cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d3syewzhvzylbl.cloudfront.net
googleads.g.doubleclick.net
js.stripe.com
lg.hyr.so
prosperitedigitale33347.activehosted.com
td.doubleclick.net
www.facebook.com
www.google.co.nz
www.google.com
www.googletagmanager.com
www.secret-opportunity.com
142.250.204.3
142.250.66.194
142.250.66.232
142.251.221.68
157.240.8.23
157.240.8.35
18.67.110.104
2404:6800:4006:80f::2002
2404:6800:4006:80f::2008
2600:9000:2215:c000:2:5a9d:3800:21
2600:9000:234b:bc00:7:edbe:8fc0:93a1
2600:9000:25f2:3000:1c:d937:ae40:93a1
2600:9000:2774:3000:a:625d:b500:21
2600:9000:2774:4800:f:e793:dc40:21
2606:4700::6811:cd1f
44.193.127.81
44.210.6.48
15b8a8afe59c8ad1bed75055ee5040674872e1b9b7b7cd0c1a6f3cef38e55289
1787069d78312718f37fd7cd3cc5c8a25199c8fbe861e442927db69a07b42b32
1e38737cdbb393e299694fcbdd7458dcc04f31b7a91c12e5840672bc49ed9249
258ead614d5eda85ad55c4045a485f3af00fde92b8ebc9176863683054503868
29b95f6c587699e55285f1570f36eb3403d06dd1ee71efce6dddd16d70ae729f
2d706ae3bbe75bd80bac7475f7e979ecb5e198d6f0e802a34f00c06a8d9520bc
32422dd0c48035653e99b7a340cb75fbd4a533f2d32d9e0f21c5c9b52fb61e55
33447c5487d9aa12e869026a10ca3b8ab7d74c8cc5d9ed0abb5276d49fd173b2
45d83a063546bafa5b56ace9119aee2ad8a6880ff9e3019614c3bb06ce4db855
49eb91ccb014544e86ffd670d8f1f1c2048d59e663c41655ad02651b0a1e302f
4b851bd9af5635c2682387427eb718d453b8e7aeefdbb01c8521ab32a49004b3
502a27b300435518face98fdf2c6d62253d2d0a9839d2aa5afbfc0043add71f4
55b69dbd40c5e9ae07487a0258cdaedb329286d46bda837e8b5ec7b11c11b5f5
60eecd68a7969e3c408c459cfe5190a95d800fcc52508630b44f7e9b6899c4a9
8493f5a950c5eb6615f29a10225aadc2e6c1d177fd512f3359e57eadfb6b4764
9a3f31746c28415015a70910ee9cfbe1c02badc387864d917d12da0027f18c11
9b8e85a03c7739b372cd8d60841dfb8a9c94694e97fc79e09273d56d212e238c
9b9d3c91cec5e3c20dec23079adc7f69d1fa36786ae57a62fcdb3b5356e9066c
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b1d54c74d19f494918ce108f22448fdde7fa80859353844f2567edb9915f8e29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f43481f4a5e9b4e61456372b93b8219bc999f24082d7a0e73a6d7832cec5b9
ec4c9dae262a22184820394a4a02aab81c1b4f398bb4f047e8fe910c7be43e58
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5f890d304a41e247309b08aa70cdad3145706151b56059098ca8887094693a0

www.secret-opportunity.com Open in urlscan Pro 2600:9000:234b:bc00:7:edbe:8fc0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

47 %IPv6

12 Domains

16 Subdomains

16 IPs

2 Countries

1535 kBTransfer

4973 kBSize

8 Cookies

3 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.secret-opportunity.com Open in urlscan Pro
2600:9000:234b:bc00:7:edbe:8fc0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

47 %
IPv6

12
Domains

16
Subdomains

16
IPs

2
Countries

1535 kB
Transfer

4973 kB
Size

8
Cookies

40 HTTP transactions
0 data transactions