urlscan.io logo urlscan.io
SecurityTrails logo

randomtarotcard.com Open in urlscan Pro
34.174.65.43  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://randomtarotcard.com/
Effective URL: https://randomtarotcard.com/
Submission: On November 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 30 HTTP transactions. The main IP is 34.174.65.43, located in Dallas, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is randomtarotcard.com.
TLS certificate: Issued by R3 on September 8th 2023. Valid for: 3 months.
This is the only time randomtarotcard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    34.174.65.43 (Dallas, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 43.65.174.34.bc.googleusercontent.com
randomtarotcard.com
7    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
9    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
16 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
390 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
47 KB
5 randomtarotcard.com
randomtarotcard.com
206 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
www.googleadservices.com — Cisco Umbrella Rank: 145
608 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
60 KB
30 6
Domain Requested by
9 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 pagead2.googlesyndication.com randomtarotcard.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
6 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 randomtarotcard.com 1 redirects randomtarotcard.com
2 www.googleadservices.com
2 www.google.com 1 redirects tpc.googlesyndication.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
30 8

This site contains no links.

Subject Issuer Validity Valid
*.randomtarotcard.com
R3		 2023-09-08 -
2023-12-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://randomtarotcard.com/
Frame ID: 287A95D5440958448627DA6A5623B9BE
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: 11C0D6960EA0DC8F098868DB04BD8609
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&adk=1812271804&adf=3025194257&lmt=1598848447&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Frandomtarotcard.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656312&bpp=4&bdt=118&idt=176&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6065758780843&frm=20&pv=2&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=192
Frame ID: D50F2786BBBD1D9F48ED3D216C6D00E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&h=280&slotname=4310044477&adk=3868255332&adf=1839787983&pi=t.ma~as.4310044477&w=1200&fwrn=4&fwrnh=100&lmt=1598848447&rafmt=1&format=1200x280&url=https%3A%2F%2Frandomtarotcard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656332&bpp=4&bdt=137&idt=177&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6065758780843&frm=20&pv=1&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lLcGrPB8aj&p=https%3A//randomtarotcard.com&dtd=180
Frame ID: 1034CF24CF2E5F80082B48603913A6EB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E27F7EE9E5E48E0053E41CDE07988893
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js
Frame ID: 399602996DAED8D365492FFE7875E912
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 947E18D466132F2758AC804EF3B505ED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F9E089DE484BA2116D37385CB2534073
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Random Tarot Card

Page URL History Show full URLs

  1. http://randomtarotcard.com/ HTTP 301
    https://randomtarotcard.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

30
Requests

97 %
HTTPS

75 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

704 kB
Transfer

1416 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://randomtarotcard.com/ HTTP 301
    https://randomtarotcard.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 19
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CTW9jeMJHZcCvKLCwpt8PuYKouAeAw5T4c7ve8MuyEbCQHxABIJiG3m1glYKAgJgHoAHsn6vSAsgBAqgDAcgDyQSqBPQBT9B1vAIZWpJCwk24tkYN3jzfue1Krvvp3Gf3AAJQAo13bF8dr0MCebiaSmXSt3gjBNTBkYlNCxZWAXVJwxvwrwi-R47FD21jKODUI0YpMCW35WjAlyEiZkMyej5QJxXvLR4RB72IJD5YF-ry4uQ7EBDbMPZzaPamairFWAQw0kDVrnA6w0svh6oj14fZghpAMdkf4b5Vw_pFQ9g2k3urFdALPIuIJmsRfOt4BCGh4Z7v5qb41B6ob6S-u-gwb3BB_PUZI_b74KEb2Z0wTut1gxhHBIMDbT7CbbscbflWIKvDbpyvAnyoNqPheK_whUyYRkEfL8AEyKi14qwEiAXSks_-SpIFBAgEGAGSBQQIBRgEoAYCgAf839StAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEP7dBNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCT1odHRwczovL2wuYXN0cm9sb2d5YW5zd2Vycy5jb20vZmUvdHBnL21haW4_YWRfaWQ9NjU4NDUzMzI2NjM4gAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTY4OTA2OTE5NDcyMjE4ODUYAA&sigh=0gkVW212nB0&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNxjcqeDwube6fiflJ8riONtHNrIzFS_5rUwi85jmZx92AFOHo5F0FKMLGYiIVsMz7oxMphisw3Xmi-O55f_gzGcB57t13bUEYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214246113671342176343%22,%22debug_reporting%22:true,%22destination%22:%22https://astrologyanswers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22709545964%22],%224%22:[%2211-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224286118102188553969%22}&andc=true

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
randomtarotcard.com/
Redirect Chain
  • http://randomtarotcard.com/
  • https://randomtarotcard.com/
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://randomtarotcard.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.65.43 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
43.65.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6ddd38c13d8f439ac230573a2f5e713733791279003b9e0ac2cb127bff673312

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Sun, 05 Nov 2023 16:27:36 GMT
etag
W/"dd9-5ae24e9c92075"
host-header
8441280b0c35cbc1147f8ba998a563a7
last-modified
Mon, 31 Aug 2020 04:34:07 GMT
server
nginx
vary
Accept-Encoding
x-httpd
1
x-proxy-cache
HIT

Redirect headers

Connection
keep-alive
Content-Length
24
Content-Type
text/plain
Date
Sun, 05 Nov 2023 16:27:35 GMT
Host-Header
8441280b0c35cbc1147f8ba998a563a7
Location
https://randomtarotcard.com/
Server
nginx
X-Proxy-Cache-Info
DT:1
style.css
randomtarotcard.com/ 		1 KB
552 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://randomtarotcard.com/style.css
Requested by
Host: randomtarotcard.com
URL: https://randomtarotcard.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.65.43 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
43.65.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8c819dfddab4226445c86d9e40b58d02053e290029c258aebc2b0635419a884a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randomtarotcard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:27:36 GMT
content-encoding
br
last-modified
Mon, 31 Aug 2020 04:36:03 GMT
server
nginx
etag
W/"5f4c7e33-503"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 04 Nov 2024 16:27:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: randomtarotcard.com
URL: https://randomtarotcard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd85219415fae72145ddaaf43866ff86727e2d11d5025dafb984302f7f255223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randomtarotcard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:27:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51903
x-xss-protection
0
server
cafe
etag
10648004551643050215
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 16:27:36 GMT
Randomizer.js
randomtarotcard.com/ 		1 KB
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://randomtarotcard.com/Randomizer.js
Requested by
Host: randomtarotcard.com
URL: https://randomtarotcard.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.65.43 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
43.65.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
abe5c4cc365dfe3e20d175cb82efb0a0ce4c8b73e319805e24f962dd39b86a2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randomtarotcard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:27:36 GMT
content-encoding
br
last-modified
Sat, 09 Mar 2019 20:56:02 GMT
server
nginx
etag
W/"5c842862-4db"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 04 Nov 2024 16:27:36 GMT
RoseLilyRed.jpg
randomtarotcard.com/ 		203 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://randomtarotcard.com/RoseLilyRed.jpg
Requested by
Host: randomtarotcard.com
URL: https://randomtarotcard.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.65.43 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
43.65.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6fa3015a29b633e666fa816103a75283f807cc4e7aeb5adcda39db5e08857f1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randomtarotcard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:27:36 GMT
last-modified
Sat, 27 Oct 2018 17:34:51 GMT
server
nginx
etag
"5bd4a1bb-32c35"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
207925
expires
Mon, 04 Nov 2024 16:27:36 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890691947221885&plah=randomtarotcard.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bb3212ecbd17299698c937c8559154925660f8fe9ddbe28943f1e57e59de637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randomtarotcard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:27:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138238
x-xss-protection
0
server
cafe
etag
13934536114061002272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 16:27:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame 11C0 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://randomtarotcard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84278
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Nov 2023 17:02:58 GMT
etag
251720774729838433
expires
Sat, 18 Nov 2023 17:02:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		405 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=randomtarotcard.com&callback=_gfp_s_&client=ca-pub-6890691947221885
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890691947221885&plah=randomtarotcard.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
210226967404aaf587bd76c24d0e07be07da9dd0ac97eddfb339816a5321d36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randomtarotcard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D50F 		0
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&adk=1812271804&adf=3025194257&lmt=1598848447&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Frandomtarotcard.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656312&bpp=4&bdt=118&idt=176&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6065758780843&frm=20&pv=2&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=192
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890691947221885&plah=randomtarotcard.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://randomtarotcard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 16:27:36 GMT
expires
Sun, 05 Nov 2023 16:27:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1034 		132 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&h=280&slotname=4310044477&adk=3868255332&adf=1839787983&pi=t.ma~as.4310044477&w=1200&fwrn=4&fwrnh=100&lmt=1598848447&rafmt=1&format=1200x280&url=https%3A%2F%2Frandomtarotcard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656332&bpp=4&bdt=137&idt=177&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6065758780843&frm=20&pv=1&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lLcGrPB8aj&p=https%3A//randomtarotcard.com&dtd=180
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890691947221885&plah=randomtarotcard.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9850d783e1c2c4cbb9daf8b0cbdb2f5e07339a03c0cd2383ba6b17e44a5d62e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://randomtarotcard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42343
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 16:27:37 GMT
expires
Sun, 05 Nov 2023 16:27:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
8909684679132324703
tpc.googlesyndication.com/simgad/ Frame 1034 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8909684679132324703?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkOaPWtGIYnfbmuFcJKtswMWu5OQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&h=280&slotname=4310044477&adk=3868255332&adf=1839787983&pi=t.ma~as.4310044477&w=1200&fwrn=4&fwrnh=100&lmt=1598848447&rafmt=1&format=1200x280&url=https%3A%2F%2Frandomtarotcard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656332&bpp=4&bdt=137&idt=177&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6065758780843&frm=20&pv=1&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lLcGrPB8aj&p=https%3A//randomtarotcard.com&dtd=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d191b0e1c74b5c097961ae92968bf80043496774450047fd74a9c117615c7c84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 05:31:11 GMT
x-content-type-options
nosniff
age
125786
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114367
x-xss-protection
0
last-modified
Sat, 08 Oct 2022 00:53:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Nov 2024 05:31:11 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 1034 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&h=280&slotname=4310044477&adk=3868255332&adf=1839787983&pi=t.ma~as.4310044477&w=1200&fwrn=4&fwrnh=100&lmt=1598848447&rafmt=1&format=1200x280&url=https%3A%2F%2Frandomtarotcard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656332&bpp=4&bdt=137&idt=177&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6065758780843&frm=20&pv=1&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lLcGrPB8aj&p=https%3A//randomtarotcard.com&dtd=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 03:09:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
47893
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 03:09:24 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E27F 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&h=280&slotname=4310044477&adk=3868255332&adf=1839787983&pi=t.ma~as.4310044477&w=1200&fwrn=4&fwrnh=100&lmt=1598848447&rafmt=1&format=1200x280&url=https%3A%2F%2Frandomtarotcard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656332&bpp=4&bdt=137&idt=177&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6065758780843&frm=20&pv=1&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lLcGrPB8aj&p=https%3A//randomtarotcard.com&dtd=180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&h=280&slotname=4310044477&adk=3868255332&adf=1839787983&pi=t.ma~as.4310044477&w=1200&fwrn=4&fwrnh=100&lmt=1598848447&rafmt=1&format=1200x280&url=https%3A%2F%2Frandomtarotcard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656332&bpp=4&bdt=137&idt=177&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6065758780843&frm=20&pv=1&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lLcGrPB8aj&p=https%3A//randomtarotcard.com&dtd=180
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1054
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 16:10:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1034 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&h=280&slotname=4310044477&adk=3868255332&adf=1839787983&pi=t.ma~as.4310044477&w=1200&fwrn=4&fwrnh=100&lmt=1598848447&rafmt=1&format=1200x280&url=https%3A%2F%2Frandomtarotcard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656332&bpp=4&bdt=137&idt=177&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6065758780843&frm=20&pv=1&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lLcGrPB8aj&p=https%3A//randomtarotcard.com&dtd=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
13867
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 12:36:30 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 1034 		67 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&h=280&slotname=4310044477&adk=3868255332&adf=1839787983&pi=t.ma~as.4310044477&w=1200&fwrn=4&fwrnh=100&lmt=1598848447&rafmt=1&format=1200x280&url=https%3A%2F%2Frandomtarotcard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656332&bpp=4&bdt=137&idt=177&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6065758780843&frm=20&pv=1&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lLcGrPB8aj&p=https%3A//randomtarotcard.com&dtd=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 06:49:38 GMT
x-content-type-options
nosniff
server
cafe
age
34679
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Mon, 06 Nov 2023 06:49:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1034 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&h=280&slotname=4310044477&adk=3868255332&adf=1839787983&pi=t.ma~as.4310044477&w=1200&fwrn=4&fwrnh=100&lmt=1598848447&rafmt=1&format=1200x280&url=https%3A%2F%2Frandomtarotcard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656332&bpp=4&bdt=137&idt=177&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6065758780843&frm=20&pv=1&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lLcGrPB8aj&p=https%3A//randomtarotcard.com&dtd=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
76057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:20:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1034 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&h=280&slotname=4310044477&adk=3868255332&adf=1839787983&pi=t.ma~as.4310044477&w=1200&fwrn=4&fwrnh=100&lmt=1598848447&rafmt=1&format=1200x280&url=https%3A%2F%2Frandomtarotcard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656332&bpp=4&bdt=137&idt=177&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6065758780843&frm=20&pv=1&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lLcGrPB8aj&p=https%3A//randomtarotcard.com&dtd=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 16:27:37 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1034 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&h=280&slotname=4310044477&adk=3868255332&adf=1839787983&pi=t.ma~as.4310044477&w=1200&fwrn=4&fwrnh=100&lmt=1598848447&rafmt=1&format=1200x280&url=https%3A%2F%2Frandomtarotcard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656332&bpp=4&bdt=137&idt=177&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6065758780843&frm=20&pv=1&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lLcGrPB8aj&p=https%3A//randomtarotcard.com&dtd=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
471e787ea8040e2ab945b49b81fb9e41f63e0198ba7f31af08011dae93769a6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
75786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14703
x-xss-protection
0
server
cafe
etag
17460182615079463251
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:24:31 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame E27F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&h=280&slotname=4310044477&adk=3868255332&adf=1839787983&pi=t.ma~as.4310044477&w=1200&fwrn=4&fwrnh=100&lmt=1598848447&rafmt=1&format=1200x280&url=https%3A%2F%2Frandomtarotcard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656332&bpp=4&bdt=137&idt=177&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6065758780843&frm=20&pv=1&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lLcGrPB8aj&p=https%3A//randomtarotcard.com&dtd=180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 16:27:37 GMT
expires
Sun, 05 Nov 2023 16:27:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 16:27:37 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1034 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbd28a776161bf1891d08822ceea805eddc7c24ec7fda53eece72eeaa23b6f4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 1034
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CTW9jeMJHZcCvKLCwpt8PuYKouAeAw5T4c7ve8MuyEbCQHxABIJiG3m1glYKAgJgHoAHsn6vSAsgBAqgDAcgDyQSqBPQBT9B1vAIZWpJCwk24tkYN3jzfue1Krvvp3Gf3AAJQAo13bF8dr0M...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214246113671342176343%22,%22debug_reporting%22:true,%22destination%22:%22https://astrologyanswers.com%22,%22event_report_wi...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214246113671342176343%22,%22debug_reporting%22:true,%22destination%22:%22https://astrologyanswers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22709545964%22],%224%22:[%2211-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224286118102188553969%22}&andc=true
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:27:37 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"14246113671342176343","debug_reporting":true,"destination":"https://astrologyanswers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["709545964"],"4":["11-05"],"6":["true"]},"priority":"500","source_event_id":"4286118102188553969"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Nov 2023 16:27:37 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 05 Nov 2023 16:27:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14246113671342176343","debug_reporting":true,"destination":"https://astrologyanswers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["709545964"],"4":["11-05"],"6":["true"]},"priority":"500","source_event_id":"4286118102188553969"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890691947221885&plah=randomtarotcard.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1e00fbfde347b7ef96fcfcf27ba0483e6c2aa2378bf297eea739673b3f1bcf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randomtarotcard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:27:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12188
x-xss-protection
0
Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js
pagead2.googlesyndication.com/bg/ Frame 3996 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dq7XSZMeOny_zs0cDs__BulTyuvw0_s4UMxrCFcwjBQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890691947221885&output=html&h=280&slotname=4310044477&adk=3868255332&adf=1839787983&pi=t.ma~as.4310044477&w=1200&fwrn=4&fwrnh=100&lmt=1598848447&rafmt=1&format=1200x280&url=https%3A%2F%2Frandomtarotcard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699201656332&bpp=4&bdt=137&idt=177&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6065758780843&frm=20&pv=1&ga_vid=2115297760.1699201657&ga_sid=1699201657&ga_hid=1554693611&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079347%2C44807048%2C44807336%2C44807454%2C44807460%2C31078301%2C31079381%2C31079155%2C44806139&oid=2&pvsid=4213004227042819&tmod=1440396034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lLcGrPB8aj&p=https%3A//randomtarotcard.com&dtd=180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaed749931e3a7cbfcecd1c0ecfff06e953caebf0d3fb3850cc6b0857308c14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:38:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
334162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19631
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:38:15 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214246113671342176343%22,%22debug_reporting%22:true,%22destination%22:%22https://astrologyanswers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22709545964%22],%224%22:[%2211-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224286118102188553969%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 16:27:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890691947221885&plah=randomtarotcard.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randomtarotcard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Nov 2023 16:27:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 947E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://randomtarotcard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
161892
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 19:29:25 GMT
expires
Sat, 02 Nov 2024 19:29:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F9E0 		829 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
85116ea134f4442ea778d2343f59c8e8fe90564b4878650e2711e4564c6b944b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_RqKsx0XJuya-Zig3_qY1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://randomtarotcard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_RqKsx0XJuya-Zig3_qY1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 16:27:37 GMT
expires
Sun, 05 Nov 2023 16:27:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 947E 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 13:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
10716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Nov 2024 13:29:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F9E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=4213004227042819&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 947E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3Jr2ig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:27:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=4213004227042819&bg=!xsWlxYrNAAb4oU7C2KE7ADQBe5WfOE7n19YnqZ_8_qCFJSlgKN2RH3v6FBOB9kGFdF03rCB38TEavDMjWt5ia522gxRZAgAAANxSAAAAB2gBBwoATzmGhE6HgRYrpkUmdQCqXeYwm6WS01laSXoUKlSAvXJ5Y3Ne4I28-B3kX0Wtm5W-uOACrlYuLdJ0nYFKHyd8mrczIOfkQBBL7Tqtz5wyBxKZAvnFVgnbqpVwn_TrzH5BrNpeOHEhiUF8p_S0UNYAAukvj7OzCnM0jORystmA0kZHnP5PwDHawVFF9CA30DNr-DKq-LlFPmHQv_AXx6mfk4aLo28-WiCKPHQYFZbj8kobrBNhiOyR4RX8hfhwgv3hTca38BJ6E1oFeVBOZGE84JTYS5I7qSagD_3D5hHf16qxj7I-xfNkRqBEvdv2TVuabbO1A2M1WkBu3MMsyBXjUPzZeOoMfXem1D6TPjdzzPbPIyDEiIyGxtM4U7ajga1WqbDGDlgpblEDMXBeoRPtJZzGzlI23bDxeS1FVH8UqDCVMulJNtT2wym5FDbetPLnIydgE72sEixavIpZvdN0kUvz8IsP8C6JW4MbopSsw7VsfnvMfQB13PB2WSSPGBp0R_k1O16FC-T45KO29M4GRFu0wQo8Qzw0XNiV4NLB14q9Af-6Yk7l3QLIvaT9EBD6Uq7bKdSgVE_h-SYoGF-NuQpmLzuKELDSLrObmg7K0D1HiXR1_pCA_eP5Ijjhb5PT4ZBMnwk0RijEt_Ct2MZuhtOEJG83yUE_xcyAJPcNmPPjsrLFVHfhnh83u5GsAmb13IQ35MD3kPOoR_FSAc6fLjvbqbG76nYE0dwRe1FhnjrXQIXim1GvQImAfEuH78VFfGgNy3SfnfClo_-8fKkN9gfbXBJmAaq9hWYyqO1bJZQ-hPn50H5U_ZHDMnZyvMBjAYUx8c27NJGXJyf0z3W863ZogjY2tzFCa2dJiyCHWEnkFxE63Y7fow3kis6cVEOqnSRtlPMzemtNqdIUZmlv2zgZAnnu1qQFo7FaTu41fDtt3S8gZBCugX9qdUpR4ZbU-Vro6Xg1xB1gt55KuNQkRUWD-R9yPZnjcKAVs9N0-zmq5ZONqRKXNiVmikGNHGGeXXlNeexqnCX-k021acvJFVgGEX7qxG2R48yDCeLfr2JYrQH3joDiW_CEOvEjfR-T8uBLa9t7cgvNngUXAIjF0R7aBMJgFRfz7vf-wA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://randomtarotcard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| newPage function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.randomtarotcard.com/ Name: __gads
Value: ID=8f956ad1903e5d7c:T=1699201656:RT=1699201656:S=ALNI_MbVvwPwAlUlwv7H2NlhWZwmtGuomQ
.randomtarotcard.com/ Name: __gpi
Value: UID=00000cb53fb51d0a:T=1699201656:RT=1699201656:S=ALNI_MaeN_qL7UJpmLMFH4uTD48ZHmStOw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnnRGXKd_KUxb7j3uV-zHGNzzbSF6KHzk9usv0kVcd-I08G7PSH9ona-BnSb3Q
.googleadservices.com/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
randomtarotcard.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
172.217.18.2
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:827::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
34.174.65.43
0eaed749931e3a7cbfcecd1c0ecfff06e953caebf0d3fb3850cc6b0857308c14
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
210226967404aaf587bd76c24d0e07be07da9dd0ac97eddfb339816a5321d36d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
471e787ea8040e2ab945b49b81fb9e41f63e0198ba7f31af08011dae93769a6f
4bb3212ecbd17299698c937c8559154925660f8fe9ddbe28943f1e57e59de637
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
6ddd38c13d8f439ac230573a2f5e713733791279003b9e0ac2cb127bff673312
6fa3015a29b633e666fa816103a75283f807cc4e7aeb5adcda39db5e08857f1f
85116ea134f4442ea778d2343f59c8e8fe90564b4878650e2711e4564c6b944b
8c819dfddab4226445c86d9e40b58d02053e290029c258aebc2b0635419a884a
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
9850d783e1c2c4cbb9daf8b0cbdb2f5e07339a03c0cd2383ba6b17e44a5d62e9
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
abe5c4cc365dfe3e20d175cb82efb0a0ce4c8b73e319805e24f962dd39b86a2e
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
d191b0e1c74b5c097961ae92968bf80043496774450047fd74a9c117615c7c84
dd85219415fae72145ddaaf43866ff86727e2d11d5025dafb984302f7f255223
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1e00fbfde347b7ef96fcfcf27ba0483e6c2aa2378bf297eea739673b3f1bcf8
fbd28a776161bf1891d08822ceea805eddc7c24ec7fda53eece72eeaa23b6f4f