fortunehoroscope.com Open in urlscan Pro
165.232.159.158 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xr.captain-star.com/e4c61a9dc44/6af13458e28/8f2f91a1cba/76da57718fd/0cafb9506cc/4c2cf3e29c4/53c84ff8780/dd157afe686/...
Effective URL:
https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&ut...
Submission: On March 18 via api (March 18th 2023, 11:36:24 pm UTC) from BE — Scanned from DE

Summary HTTP 98 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 24 domains to perform 98 HTTP transactions. The main IP is 165.232.159.158, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is fortunehoroscope.com.
TLS certificate: Issued by R3 on February 22nd 2023. Valid for: 3 months.

This is the only time fortunehoroscope.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	176.9.209.36 176.9.209.36	24940 (HETZNER-AS) (HETZNER-AS)
33	165.232.159.158 165.232.159.158	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:1e00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:e6:... 2606:4700:e6::ac40:c317	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b140:318:4480:a19a:ad9	14618 (AMAZON-AES) (AMAZON-AES)
1	34.232.54.150 34.232.54.150	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2 6	34.226.103.191 34.226.103.191	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4 4	3.64.174.171 3.64.174.171	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	54.194.182.124 54.194.182.124	16509 (AMAZON-02) (AMAZON-02)
1 2	184.30.17.14 184.30.17.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1 1	64.202.112.63 64.202.112.63	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2600:1f18:ed:... 2600:1f18:ed:550a:167:31e0:ce26:2606	14618 (AMAZON-AES) (AMAZON-AES)
98	27

1 176.9.209.36 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: cold.captain-star.com

xr.captain-star.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 165.232.159.158 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: do08.astrozens.com

fortunehoroscope.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:1e00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e6::ac40:c317 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-keingent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.trk-keingent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:318:4480:a19a:ad9 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.54.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-54-150.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.226.103.191 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-103-191.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.64.174.171 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-174-171.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.182.124 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-182-124.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.17.14 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-14.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.63 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550a:167:31e0:ce26:2606 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	fortunehoroscope.com fortunehoroscope.com	545 KB
11	liadm.com 3 redirects b-code.liadm.com — Cisco Umbrella Rank: 2654 rp.liadm.com — Cisco Umbrella Rank: 1516 rp4.liadm.com — Cisco Umbrella Rank: 7039 i.liadm.com — Cisco Umbrella Rank: 568 i6.liadm.com — Cisco Umbrella Rank: 2227	25 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	202 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	27 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	382 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	8 KB
5	trk-keingent.com trk-keingent.com — Cisco Umbrella Rank: 50734 event.trk-keingent.com — Cisco Umbrella Rank: 133235	3 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 285	1 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6069 adservice.google.de — Cisco Umbrella Rank: 8720	1 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	223 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	64 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	111 KB
2	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1276	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 201	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	260 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 530	291 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 682	372 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 776	765 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	265 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 460	665 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	611 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	6 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 686	30 KB
1	captain-star.com 1 redirects xr.captain-star.com	362 B
98	24

	Domain	Requested by
33	fortunehoroscope.com	fortunehoroscope.com
7	www.google.com	fortunehoroscope.com www.gstatic.com www.google.com tpc.googlesyndication.com
7	pagead2.googlesyndication.com	fortunehoroscope.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	i.liadm.com	2 redirects b-code.liadm.com i.liadm.com
4	x.bidswitch.net	4 redirects
4	event.trk-keingent.com	trk-keingent.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	connect.facebook.net	fortunehoroscope.com connect.facebook.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.google.de	fortunehoroscope.com
3	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com
3	www.googletagmanager.com	fortunehoroscope.com
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	2 redirects
2	fonts.gstatic.com	www.google.com
2	www.facebook.com	fortunehoroscope.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	b-code.liadm.com	fortunehoroscope.com b-code.liadm.com
1	i6.liadm.com	i.liadm.com
1	b1sync.zemanta.com	1 redirects
1	trc.taboola.com	i.liadm.com
1	p.rfihub.com	1 redirects
1	match.adsrvr.org	i.liadm.com
1	sync.mathtag.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	rp4.liadm.com	fortunehoroscope.com
1	rp.liadm.com	1 redirects
1	trk-keingent.com	fortunehoroscope.com
1	cdnjs.cloudflare.com	fortunehoroscope.com
1	code.jquery.com	fortunehoroscope.com
1	xr.captain-star.com	1 redirects
98	34

This site contains links to these domains. Also see Links.

Domain
everydayhoroscopes.com
policies.google.com
www.facebook.com
www.arcamax.com
www.pixfuture.com
liveramp.com
encommerce.com
moon-bound.com
orientaloracle.com
m.me

Subject Issuer	Validity	Valid
www.fortunehoroscope.com R3	`2023-02-22` - `2023-05-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.trk-keingent.com GTS CA 1P5	`2023-02-08` - `2023-05-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-26`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
Frame ID: 3D4B711D594B29B7BBCC286D56B7F7A0
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
Frame ID: 7D42BBA2ADF14CD95112F88A005559D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9067164180551135&output=html&adk=1812271804&adf=3025194257&lmt=1679182578&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburoncoreg18190500130323w1123%26utm_medium%3Demail%26utm_content%3DappDH%26utm_campaign%3DappDH%26token%3D96091b5788b607b2b5449591b48cbd9d&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679182578086&bpp=2&bdt=807&idt=145&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5053521634878&frm=20&pv=2&ga_vid=889471930.1679182578&ga_sid=1679182578&ga_hid=1094836666&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777876%2C44759926%2C31072954%2C31073102%2C31073104%2C21065725&oid=2&pvsid=349627051049738&tmod=1805086071&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=165
Frame ID: 65F0E5371CC7D454BC245C110BBE55A9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeiW9YUAAAAAFURhBO9f0G76vwVZw4tqxb-FW4K&co=aHR0cHM6Ly9mb3J0dW5laG9yb3Njb3BlLmNvbTo0NDM.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=2pts9v7bk18k
Frame ID: BB8E8868799EED3A9EAB451D33FAA407
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FFC8688A98B9FA48AA6474B4AD6218CE
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-013c?s=&cim=&ps=true&ls=true&duid=c1d235365ad0--01gvvh9g9zs79vyfyste2g5w48&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 188A6DB2CD8EA965B61172906D929517
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8B794AFA1B8CE34FE2F1980A08CBE8D2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A1EAAC310CEC55651D76FD79F497EA7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Privacy Policy Details | FortuneHoroscope.com

Page URL History Show full URLs

https://xr.captain-star.com/e4c61a9dc44/6af13458e28/8f2f91a1cba/76da57718fd/0cafb9506cc/4c2cf3e29c4/53c8... HTTP 303
https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

98
Requests

94 %
HTTPS

67 %
IPv6

24
Domains

34
Subdomains

27
IPs

6
Countries

1691 kB
Transfer

3893 kB
Size

29
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://everydayhoroscopes.com/astro-store?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_campaign=appDH_fhastrostore&refid=ch-email_src-fhdhtofhtiburoncoreg18190500130323w1123_lp-fhastrostore&ppid=edh
Title: Astro-Store

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/partner-sites?hl=en
Title: https://policies.google.com/technologies/partner-sites?hl=en

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php
Title: https://www.facebook.com/policy.php

Search URL Search Domain Scan URL

URL: https://www.arcamax.com/reference/privacy
Title: https://www.arcamax.com/reference/privacy

Search URL Search Domain Scan URL

URL: https://www.pixfuture.com/privacy-policy/
Title: https://www.pixfuture.com/privacy-policy/

Search URL Search Domain Scan URL

URL: https://liveramp.com/privacy/
Title: https://liveramp.com/privacy/

Search URL Search Domain Scan URL

URL: https://encommerce.com/privacy_policy.php
Title: https://encommerce.com/privacy_policy.php

Search URL Search Domain Scan URL

URL: https://everydayhoroscopes.com/compatibility/?leaddata=440bf859a77de903d243f0dc9801cd2b553c7f4c7b8e06f8398f15dcc552dcc45cb0fe09adc346f11065d92db29b3773b265fdd0d3d6eaff&refid=ch-coreg_src-fhlovewidget_lp-api&utm_medium=referral&utm_source=fhlovewidget&utm_campaign=cross
Title: HOW'S YOUR LOVE LIFE GOING? Who's your perfect partner? Click to find out!

Search URL Search Domain Scan URL

URL: https://everydayhoroscopes.com/astro-store?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_campaign=appDH_fhastrostore_banners&refid=ch-email_src-fhdhtofhtiburoncoreg18190500130323w1123_lp-fhastrostorebanners&ppid=edh
Title: Reveal My Future

Search URL Search Domain Scan URL

URL: https://moon-bound.com/
Title: Read lunar horoscope

Search URL Search Domain Scan URL

URL: https://orientaloracle.com/
Title: Today Chinese Horoscope

Search URL Search Domain Scan URL

URL: https://m.me/rn/102872142150381?topic=Stay%20in%20touch%20with%20us%20and%20receive%20daily%20horoscopes&cadence=Daily?ref=FromFH--fhemailfhdhtofhtiburoncoreg18190500130323w1123
Title: Messenger

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fortune.horoscopes
Title: Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xr.captain-star.com/e4c61a9dc44/6af13458e28/8f2f91a1cba/76da57718fd/0cafb9506cc/4c2cf3e29c4/53c84ff8780/dd157afe686/8dbdea93257/57ffd8e1fb0/96f6acdb426/123781683ea/b6e9d95f2ae/2c8e719f492/2b6fc30d8a5/38a0f614d07/ac49d5ca164/8a8cf239504/9da41e709b9/3725ef0f606/0a277543218/c1bcb0c23d4/a6d843c5b56/273704d6e4e/dd2f279278b/34a1f0757e8/858365e8d69/d85a68c04a3/8077a979108/a696c786e4b/dabaece95d0/e8065541c92/293672f34a8/253dc836ffd/e8396116efc/7c7a46a2cd4/ba2a9056127/559a272cea4/ea0fc80a337/b2e8ed02338/4db5b96859b/40ee50ec962/96c334c9e83/3019ef4d7d3/367ae223764/830a6513737/e41d5fa8509/0e0066ac28a/b434609187b/129950df35c/ed1b3237a5d/636e7666677/7c1bbe10f26/a3f9a8042ec/5c4b17962b1/28bf10cfe33/182f7a547e6/c40dca27ad0/fe95d6bc007/1631afd21d0fe51 HTTP 303
https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://rp.liadm.com/j?dtstmp=1679182578116&aid=a-013c&se=e30&duid=c1d235365ad0--01gvvh9g9zs79vyfyste2g5w48&tna=v2.7.0&pu=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburoncoreg18190500130323w1123%26utm_medium%3Demail%26utm_content%3DappDH%26utm_campaign%3DappDH%26token%3D96091b5788b607b2b5449591b48cbd9d&wpn=lc-bundle&c=PHRpdGxlPlByaXZhY3kgUG9saWN5IERldGFpbHMgfCBGb3J0dW5lSG9yb3Njb3BlLmNvbTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkRvIHlvdSB3YW50IHRvIGJlIHByb3ZpZGVkIHdpdGggaGlnaGx5IHJlbGV2YW50IGNvbnRlbnQ_IEhvd2V2ZXIsIGRvIHlvdSBzdGlsbCBmZWVsIHVuY2VydGFpbiBhYm91dCB5b3VyIHByaXZhdGUgZGF0YT8gT3VyIFByaXZhY3kgUG9saWN5IHdpbGwgaGVscCB5b3UgZmVlbCBzYWZlIGFuZCBzZWN1cmUhIFN0dWR5IGl0IHRvIGJlIHN1cmUgd2UgZG9uJ3QgaGF2ZSBhIHJpZ2h0IHRvIGRpc2Nsb3NlIHlvdXIgcGVyc29uYWwgZGF0YS4iPjxoMSBjbGFzcz0iY29udGVudF9fdGl0bGUiPlByaXZhY3kgUG9saWN5PC9oMT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1679182578116&aid=a-013c&se=e30&duid=c1d235365ad0--01gvvh9g9zs79vyfyste2g5w48&tna=v2.7.0&pu=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburoncoreg18190500130323w1123%26utm_medium%3Demail%26utm_content%3DappDH%26utm_campaign%3DappDH%26token%3D96091b5788b607b2b5449591b48cbd9d&wpn=lc-bundle&c=PHRpdGxlPlByaXZhY3kgUG9saWN5IERldGFpbHMgfCBGb3J0dW5lSG9yb3Njb3BlLmNvbTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkRvIHlvdSB3YW50IHRvIGJlIHByb3ZpZGVkIHdpdGggaGlnaGx5IHJlbGV2YW50IGNvbnRlbnQ_IEhvd2V2ZXIsIGRvIHlvdSBzdGlsbCBmZWVsIHVuY2VydGFpbiBhYm91dCB5b3VyIHByaXZhdGUgZGF0YT8gT3VyIFByaXZhY3kgUG9saWN5IHdpbGwgaGVscCB5b3UgZmVlbCBzYWZlIGFuZCBzZWN1cmUhIFN0dWR5IGl0IHRvIGJlIHN1cmUgd2UgZG9uJ3QgaGF2ZSBhIHJpZ2h0IHRvIGRpc2Nsb3NlIHlvdXIgcGVyc29uYWwgZGF0YS4iPjxoMSBjbGFzcz0iY29udGVudF9fdGl0bGUiPlByaXZhY3kgUG9saWN5PC9oMT4&i6=MmEwMTo0YTA6MTMzODo5Mjo6OA%3D%3D&n3pc=true

Request Chain 97

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-013c%2F0%2F2529f0fea0f64080bc621c3b71a67b13%3Fmuid%3D%5BMM_UUID%5D&f9cc1ae2-90d1-407e-9429-5777d8ebd2b3 HTTP 302
https://i.liadm.com/s/e/a-013c/0/2529f0fea0f64080bc621c3b71a67b13?muid=6d986416-4af4-4300-b514-f3f677bbc3ac

Request Chain 99

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=6e1eb5b9-c3de-446e-b49e-3ead6eefe0ba HTTP 303
https://x.bidswitch.net/sync?ssp=liveintent&user_id=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3 HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=liveintent HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336722268169750&expires=30&ssp=liveintent HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=6e1eb5b9-c3de-446e-b49e-3ead6eefe0ba

Request Chain 100

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-013c%2F0%2F2529f0fea0f64080bc621c3b71a67b13%3Fmuid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-013c%2F0%2F2529f0fea0f64080bc621c3b71a67b13%3Fmuid%3D%24%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-013c/0/2529f0fea0f64080bc621c3b71a67b13?muid=18597781003159017094111709859931639553

Request Chain 101

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3 HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3&rd=Y

Request Chain 103

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

98 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request privacy Show response
fortunehoroscope.com/
Redirect Chain

https://xr.captain-star.com/e4c61a9dc44/6af13458e28/8f2f91a1cba/76da57718fd/0cafb9506cc/4c2cf3e29c4/53c84ff8780/dd157afe686/8dbdea93257/57ffd8e1fb0/96f6acdb426/123781683ea/b6e9d95f2ae/2c8e719f492/2...
https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d

151 KB
49 KB

1690ms
1322ms

Document
text/html

165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

6f0f0a55c1c1f978b252b2aee1d6383b64499f349491aa5db719c7ace06d7f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: public, s-maxage=360000
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Mar 2023 23:36:16 GMT
Server: nginx
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: ALLOW-FROM platformdirectads.com
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 223
Content-Type: text/html; charset=utf-8
Date: Sat, 18 Mar 2023 23:36:15 GMT
Location: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
Server: nginx/1.10.0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 140ms
52ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-44795223-21

Requested by

Host: fortunehoroscope.com
URL: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

658582b0b5e19d66922542d1944992ae9b931c3bb87499a072d441480070a09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44681
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Mar 2023 23:36:17 GMT

GET
H/1.1 200
OK style.min.css
fortunehoroscope.com/css/ 288 KB
94 KB 362ms
185ms Stylesheet
text/css 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/css/style.min.css?v=12

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

f39e22a15d3bfb876c091799ef2bc4b25ad891f60e8a0935b8e7d69b9fba49e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: W/"6411aabc-48055"
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:17 GMT

GET
H/1.1 200
OK cust.min.css
fortunehoroscope.com/css/ 323 B
674 B 546ms
182ms Stylesheet
text/css 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/css/cust.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

19b085e8b36bfdfb510d6452bf06491aa352449e5577d045a25778478a93dcb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: W/"6411aabc-143"
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
48 KB 173ms
85ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c650a1b9c263c60111eedec130756af8cee936dd4025f28fbeafbe682e1afd3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48437
x-xss-protection: 0
server: cafe
etag: 15116478025571662081
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 23:36:17 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 141ms
45ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: fortunehoroscope.com
URL: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://fortunehoroscope.com/
Origin: https://fortunehoroscope.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:17 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1538f"
vary: Accept-Encoding
x-hw: 1679182577.dop017.fr8.t,1679182577.cds106.fr8.hn,1679182577.cds057.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.11.0/ 20 KB
6 KB 129ms
45ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.11.0/jquery.validate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30817cd840a829ad5272e7e87e0b6bca67c263065c76422ba418d790e19cf6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 785799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5574
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5196"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dgr1n4N2mS5phwbfmTitNLjtlEMIMY0zw9iorzM5L2ockLMEryo82bVbVZiOCnWyBEYPmT4fzsNpC4GZcD4lYOK8nB80JoStzMyfO0qs5KnbokzpeN3bS3dA2az0o34uUhDK%2BvFCWc3%2BDaIqHlBjIT9o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7aa14c04ab222c3a-FRA
expires: Thu, 07 Mar 2024 23:36:17 GMT

GET
H/1.1 200
OK fortunehoroscope.min.js Show response
fortunehoroscope.com/js/ 10 KB
4 KB 191ms
183ms Script
application/javascript 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/js/fortunehoroscope.min.js?v=5

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

078b572e0fc1aa0c55adf03b017fda4d7f79a4649944c81245b2897a862bf7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: W/"6411aabc-280e"
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK confirm.min.js Show response
fortunehoroscope.com/js/ 892 B
879 B 358ms
181ms Script
application/javascript 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/js/confirm.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

b0998e742a28bc6407f6710342b2c6963242e9bb83803689882346a8b1d2a826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: W/"6411aabc-37c"
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
907 B 142ms
52ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeiW9YUAAAAAFURhBO9f0G76vwVZw4tqxb-FW4K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

00ec2239860f172e162037eed3e988ba27359102c5b40a9f3824cabe0a0c1949

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 1; mode=block
expires: Sat, 18 Mar 2023 23:36:17 GMT

GET
H/1.1 200
OK index.min.js Show response
fortunehoroscope.com/vendor/http-request/ 763 B
916 B 548ms
182ms Script
application/javascript 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/vendor/http-request/index.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

1d9dc69b6b5e6eab7c5a6f7082e787d624029ba829184a5b6305ae1ad65a8982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: W/"6411aabc-2fb"
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:17 GMT

GET
H2 200 a-013c.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 127ms
44ms Script
application/javascript 2600:9000:223c:1e00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-013c.min.js
Requested by: Host: fortunehoroscope.com
URL: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1e00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8622d49bd1a1c65c4ab5edf2ccca30a6041bb7f5c8fddcc3620cf29b903cf35b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:51:47 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 67470
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: L9J9aIv1XqRNn4nfa2w1zHJjZZDldQfGlr1TK6yI-SaiakDI3ex7JQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 190 KB
67 KB 61ms
59ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NV9F4CJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

912baaeee4c4c2e2749081a5fbac158950481da90e088ea5687a0dab3b25c2d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68827
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Mar 2023 23:36:17 GMT

GET
H2 200 zqd2my4gk3 Show response
trk-keingent.com/scripts/push/script/ 7 KB
3 KB 497ms
409ms Script
application/javascript 2606:4700:e6::ac40:c317
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-keingent.com/scripts/push/script/zqd2my4gk3?url=fortunehoroscope.com&alturl=/privacy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c317 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e46f984735ebda3b8db030c31043afb04a9cbd664054eb7036e0d3fb279a8962

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:18 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 18 Mar 2023 23:36:18 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=suGff%2BuZ3SixkgtbGZjRkBAu0BCnhxL%2F7xdQONxPN3SVAL7oBz4h0IlqSmLAJo%2B8IkLknjrAEFDlXrSPwyCGA0sq1RX9MsHEePK%2B6PSxxnPsZ646%2Bi9p%2BSbXSQLxkwgtzH%2F4RMPYefRhFFtjhRyK"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray: 7aa14c082aff91de-FRA
expires: 0

GET
H/1.1 404
Not Found js.cookie.min.js
fortunehoroscope.com/src/ 0
0 546ms
181ms Script
text/html 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://fortunehoroscope.com/src/js.cookie.min.js
Requested by: Host: fortunehoroscope.com
URL: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: do08.astrozens.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:17 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK cross-widget-eh.min.js Show response
fortunehoroscope.com/js/src/ 470 B
740 B 550ms
183ms Script
application/javascript 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/js/src/cross-widget-eh.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

406fdf5cfe291207b943924e16a7293ce07ee8cc7f78de395742f1f81527ad3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: W/"6411aabc-1d6"
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:17 GMT

GET
H/1.1 200
OK justValidateTooltip.min.css
fortunehoroscope.com/vendor/just-validate/dist/css/ 482 B
711 B 367ms
181ms Stylesheet
text/css 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/vendor/just-validate/dist/css/justValidateTooltip.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

30b4fdd3106974e4470262da0388ade180e3d7f2f53e2e71e9f66c7c871907be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: W/"6411aabc-1e2"
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:17 GMT

GET
H/1.1 200
OK just-validate.min.js Show response
fortunehoroscope.com/vendor/just-validate/dist/js/ 14 KB
5 KB 551ms
182ms Script
application/javascript 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/vendor/just-validate/dist/js/just-validate.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

752d510e1c97335217bbac462ff2c08dced3348ffe3fd866f2b167e9439574d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: W/"6411aabc-36ff"
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:17 GMT

GET
H/1.1 200
OK http-request.min.js Show response
fortunehoroscope.com/js/src/ 769 B
916 B 550ms
181ms Script
application/javascript 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/js/src/http-request.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

ba2f57e32fe53f68878070d6a2d276c5b6f102f5188e185d3f745bc316459022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: W/"6411aabc-301"
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:17 GMT

GET
H/1.1 200
OK phone-subscription.min.js Show response
fortunehoroscope.com/js/build/ 1 KB
1012 B 552ms
182ms Script
application/javascript 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/js/build/phone-subscription.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

7b14cbb363bf4962b25f7aba673e62d9c5229903220d64f8165a6f07828000ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: W/"6411aabc-476"
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:17 GMT

GET
H/1.1 200
OK bg-mb.jpg
fortunehoroscope.com/img/widget/ 13 KB
13 KB 345ms
182ms Image
image/jpeg 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/widget/bg-mb.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

c271b7d82596ae48b37859fc64b6d9bad0943838134582c60ac110899f86bce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-3382"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13186
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK logo-mb.png
fortunehoroscope.com/img/widget/ 3 KB
4 KB 526ms
182ms Image
image/png 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/widget/logo-mb.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

36e5e03f52ae0c896263c626146c3a6c3535c2232ecbd17a1b08acbd9540c478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-d5b"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3419
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK bg-ball-8.jpg
fortunehoroscope.com/img/widget/ 24 KB
25 KB 528ms
183ms Image
image/jpeg 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/widget/bg-ball-8.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

a4009ac9cc2a7b7760cf90852437f5452f4a8a1eeeeb1c719960aa521e5744ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-60a4"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24740
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK validate-form-v3.min.js Show response
fortunehoroscope.com/js/build/ 780 B
958 B 183ms
182ms Script
application/javascript 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/js/build/validate-form-v3.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

e662d03c88147cae77171d2a8c9fd63d7ec272d0d98f84e147b299e1b0b1f54a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: W/"6411aabc-30c"
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK confirm-email.min.js Show response
fortunehoroscope.com/js/build/ 851 B
921 B 183ms
182ms Script
application/javascript 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/js/build/confirm-email.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

9c381694d6b032375d82c2b80efbf1289eb9f6c3372cf4c43e4a2e3b21943d7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: W/"6411aabc-353"
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-44795223-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 22:23:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4364
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 19 Mar 2023 00:23:33 GMT

GET
H/1.1 200
OK fonts.woff.css Show response
fortunehoroscope.com/fonts/ 83 KB
63 KB 368ms
367ms XHR
text/css 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fortunehoroscope.com/fonts/fonts.woff.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

0ad68e1c336d4faed099d583cb14ea96efa94ff2cc9ba9d4eb9e1ac64462ae52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: W/"6411aabc-14c1d"
Transfer-Encoding: chunked
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:17 GMT

GET
H/1.1 200
OK back.jpg
fortunehoroscope.com/img/ 20 KB
21 KB 506ms
365ms Image
image/jpeg 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/back.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

bee7af5c40f5020c5d151cadf40055e71658f6d16317776eded35e42b3174445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-511b"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20763
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK logo.svg
fortunehoroscope.com/img/ 4 KB
4 KB 316ms
181ms Image
image/svg+xml 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/logo.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

90620d3353d508ee28da0ac531bc53e5224c37bed99f5db5732ab425eef66275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-103f"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4159
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
DATA 200
OK truncated
/ 718 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d34f0697be8005a3e8fdfe6803bb0c27a9ab2ec6730948e2198fb3b762b69105

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 924 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d10d2c47828a33c284a7c77a0f570f8d360186cd4549db7b24e0fe5c4d2cfc6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 436 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b9a95a461774964dcd7f852056e3efbaa5c9461add0d81dc6687e1474df8ae3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eadb4ec6dbd7c4bbe7ea92150ca359caea46adc9151f719c35d5001811dddc98

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99654f54b2fbb6f163867f436087dbf87215600bc1e3285597f7b26bc5671d0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK astrostore.png
fortunehoroscope.com/img/icons/ 53 KB
54 KB 325ms
182ms Image
image/png 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/icons/astrostore.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

87938357eb86e00485493dc097978bac3434c58c2dc6213bdb5d2a66bf647987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-d5af"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54703
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK alarm.png
fortunehoroscope.com/img/icons/ 18 KB
19 KB 507ms
366ms Image
image/png 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/icons/alarm.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

454e738af55df03c92023e3dde7c86c5f0c020a71c086d96398dd425e73faa64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-48e7"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18663
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK widget-bg-forest.png
fortunehoroscope.com/img/widget/ 37 KB
37 KB 504ms
363ms Image
image/png 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/widget/widget-bg-forest.png

Requested by

Host: fortunehoroscope.com
URL: https://fortunehoroscope.com/css/style.min.css?v=12

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

bfb8a5a8b898380ba7efbab5e2f1d6b6aba879ebb93d2c34d5b2cbf05b778c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/css/style.min.css?v=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-9409"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37897
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/865995697/ 3 KB
2 KB 143ms
55ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/865995697/?random=1679182577954&cv=11&fst=1679182577954&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&label=SER9COvh7NABELGX-JwD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburoncoreg18190500130323w1123%26utm_medium%3Demail%26utm_content%3DappDH%26utm_campaign%3DappDH%26token%3D96091b5788b607b2b5449591b48cbd9d&tiba=Privacy%20Policy%20Details%20%7C%20FortuneHoroscope.com&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV9F4CJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73d4081089c02023c399c3503c1913081d65d282951b43e9f8b86697aef52f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 124ms
42ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Mar 2023 23:36:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: DKReRKKDs6L/s3TPfvwtjliVN9iJcTarLcAzzFYRL2+Mqn18+AMpg9JTlJLVjyE1GkhDkbDtN3Q2NjbgWmjWbA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
6 KB 41ms
41ms Script
application/javascript 2600:9000:223c:1e00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-013c.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1e00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
date: Sat, 11 Mar 2023 17:39:33 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 772139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5904
last-modified: Tue, 10 May 2022 11:48:07 GMT
server: AmazonS3
etag: W/"ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 0FR7E_I0-ROfHsbKxgb0Ydgzi0LbX0zhkXYUkwuRtgpGCiDazvafEg==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ 407 KB
163 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeiW9YUAAAAAFURhBO9f0G76vwVZw4tqxb-FW4K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunehoroscope.com/
Origin: https://fortunehoroscope.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 14:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166267
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 14:10:14 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 113 KB
44 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-W4J6F48&t=gtag_UA_44795223_21&cid=889471930.1679182578

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

960500680872c0088bcbca123310e96f7105ad6f0b71312ac612f83899a3d1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45139
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Mar 2023 23:36:18 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be8eb019a4e69bead8d7fb3ccb56dad5550fea3f585a2e249cbfe3d0b6a4cf53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 67ms
42ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

533788c8485496a53a188d29b7fe5f21853f07181f369fd416fe301f116388f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 23:36:18 GMT
content-md5: meo3uph/dPaMkDSoYkaA/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: /lMiDqEqw4i/IJDdH8xGIE4IE857zJ2jlHhjfH2VoLoDFiPMjqeCpA/+ZPa6EjCJxA4Uw+tEgtxQ3YWyBYT0YQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: e4bda638d93b64e0318c17fc21c5e7d8
cross-origin-opener-policy: same-origin-allow-popups
etag: "a6288fccbe3832769cc50c1257f33bc6"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Mar 2023 23:46:48 GMT

GET
H/1.1 200
OK edh-block-5.png
fortunehoroscope.com/img/banner-sidebar/ 14 KB
14 KB 526ms
181ms Image
image/png 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/banner-sidebar/edh-block-5.png

Requested by

Host: fortunehoroscope.com
URL: https://fortunehoroscope.com/css/style.min.css?v=12

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

5f0aaad3676ab5980503960fcd80d79a396d2f334e90cdc20f398d9f9cdbbe16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/css/style.min.css?v=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-366b"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13931
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK bg-wheel.png
fortunehoroscope.com/img/widget/ 30 KB
30 KB 516ms
363ms Image
image/png 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/widget/bg-wheel.png

Requested by

Host: fortunehoroscope.com
URL: https://fortunehoroscope.com/css/style.min.css?v=12

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

3142d7b242aad746f435b595f58cc6fe3bbf8e8062788fbdff617e53edf90b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/css/style.min.css?v=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-76c7"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30407
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK bg-2023.png
fortunehoroscope.com/img/widget/ 46 KB
47 KB 267ms
181ms Image
image/png 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/widget/bg-2023.png

Requested by

Host: fortunehoroscope.com
URL: https://fortunehoroscope.com/css/style.min.css?v=12

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

3946268c0fc98748f3ebb080ea17976c23870e895219893f9ecf2292bfdca13a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/css/style.min.css?v=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-b9d0"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47568
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK ch_icon.svg
fortunehoroscope.com/img/ 9 KB
10 KB 183ms
183ms Image
image/svg+xml 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/ch_icon.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

fd3d83d5b999419e5cd8568f3b3116e93843567e7421213ff7d06b9f30a7bbd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-25a1"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9633
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK tarot_icon.svg
fortunehoroscope.com/img/ 6 KB
6 KB 183ms
183ms Image
image/svg+xml 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/tarot_icon.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

43f7a04c04b3a6d8c091d1e6485b97d340804cb210ad66f863e144e150bdfb17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-1653"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5715
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK icon-dragon.svg
fortunehoroscope.com/img/ 21 KB
21 KB 184ms
182ms Image
image/svg+xml 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/icon-dragon.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

01f34fa0a0ee5fed2e68cacb640f2362c0d3d9475b6a53a13aa41c8a724d78f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-520e"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21006
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK icon-cookie.svg
fortunehoroscope.com/img/ 8 KB
8 KB 183ms
182ms Image
image/svg+xml 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/icon-cookie.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

affa97dbb56a9a2b4634bf7eb510b32905d0596cb211669c0dfafa4fd2fa902d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-1edd"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7901
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK man_girl.png
fortunehoroscope.com/img/ 8 KB
8 KB 183ms
182ms Image
image/png 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/man_girl.png

Requested by

Host: fortunehoroscope.com
URL: https://fortunehoroscope.com/css/style.min.css?v=12

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

8113f0f1e952e6b757353279dedcff2e76ab5560fdf6d1e3af6de766a1c69415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/css/style.min.css?v=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-1f7d"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8061
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK messenger-footer.svg
fortunehoroscope.com/img/icons/ 1 KB
2 KB 183ms
183ms Image
image/svg+xml 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/icons/messenger-footer.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

63db35ccdc87bc7e5030bf99c2d0c30b118a5acde9dffd0adcc32d7bc654480f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-474"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1140
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H/1.1 200
OK fb-footer.svg
fortunehoroscope.com/img/icons/ 656 B
1 KB 182ms
182ms Image
image/svg+xml 165.232.159.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fortunehoroscope.com/img/icons/fb-footer.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.159.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

do08.astrozens.com

Software

nginx /

Resource Hash

73b3f8198e37e3598634e4b48f77ffad460b5d95354592d4b81d963df56ba3f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Mar 2023 11:23:40 GMT
Server: nginx
ETag: "6411aabc-290"
X-Frame-Options: ALLOW-FROM platformdirectads.com
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 656
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Apr 2023 23:36:18 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/ 350 KB
117 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9067164180551135&plah=fortunehoroscope.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1464cbbe595651b4e221a52c32c6a3e03e4e120ccc81effcd773367515bb1e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119669
x-xss-protection: 0
server: cafe
etag: 11593905819814079517
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 18 Mar 2023 23:36:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/ Frame 7D42 10 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunehoroscope.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 22:45:27 GMT
etag: 2378337311435320485
expires: Sat, 01 Apr 2023 22:45:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
47ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1094836666&t=pageview&_s=1&dl=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburoncoreg18190500130323w1123%26utm_medium%3Demail%26utm_content%3DappDH%26utm_campaign%3DappDH%26token%3D96091b5788b607b2b5449591b48cbd9d&ul=en-us&de=UTF-8&dt=Privacy%20Policy%20Details%20%7C%20FortuneHoroscope.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUADQAAAACAAI~&jid=1293115895&gjid=435264425&cid=889471930.1679182578&tid=UA-44795223-21&_gid=692023325.1679182578&_r=1&gtm=457e33f0&z=1592542215

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunehoroscope.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:36:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fortunehoroscope.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 47ms
46ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1094836666&t=pageview&_s=1&dl=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburoncoreg18190500130323w1123%26utm_medium%3Demail%26utm_content%3DappDH%26utm_campaign%3DappDH%26token%3D96091b5788b607b2b5449591b48cbd9d&ul=en-us&de=UTF-8&dt=Privacy%20Policy%20Details%20%7C%20FortuneHoroscope.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQAAAACAAI~&jid=1535221461&gjid=1156246419&cid=889471930.1679182578&tid=UA-44795223-21&_gid=692023325.1679182578&_r=1&_slc=1&gtm=45He33f0n81NV9F4CJ&z=1836148772

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunehoroscope.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:36:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fortunehoroscope.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1679182578116&aid=a-013c&se=e30&duid=c1d235365ad0--01gvvh9g9zs79vyfyste2g5w48&tna=v2.7.0&pu=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburon...
https://rp4.liadm.com/j?dtstmp=1679182578116&aid=a-013c&se=e30&duid=c1d235365ad0--01gvvh9g9zs79vyfyste2g5w48&tna=v2.7.0&pu=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburo...

13 B
551 B

1036ms
117ms

XHR
application/json

34.232.54.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1679182578116&aid=a-013c&se=e30&duid=c1d235365ad0--01gvvh9g9zs79vyfyste2g5w48&tna=v2.7.0&pu=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburoncoreg18190500130323w1123%26utm_medium%3Demail%26utm_content%3DappDH%26utm_campaign%3DappDH%26token%3D96091b5788b607b2b5449591b48cbd9d&wpn=lc-bundle&c=PHRpdGxlPlByaXZhY3kgUG9saWN5IERldGFpbHMgfCBGb3J0dW5lSG9yb3Njb3BlLmNvbTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkRvIHlvdSB3YW50IHRvIGJlIHByb3ZpZGVkIHdpdGggaGlnaGx5IHJlbGV2YW50IGNvbnRlbnQ_IEhvd2V2ZXIsIGRvIHlvdSBzdGlsbCBmZWVsIHVuY2VydGFpbiBhYm91dCB5b3VyIHByaXZhdGUgZGF0YT8gT3VyIFByaXZhY3kgUG9saWN5IHdpbGwgaGVscCB5b3UgZmVlbCBzYWZlIGFuZCBzZWN1cmUhIFN0dWR5IGl0IHRvIGJlIHN1cmUgd2UgZG9uJ3QgaGF2ZSBhIHJpZ2h0IHRvIGRpc2Nsb3NlIHlvdXIgcGVyc29uYWwgZGF0YS4iPjxoMSBjbGFzcz0iY29udGVudF9fdGl0bGUiPlByaXZhY3kgUG9saWN5PC9oMT4&i6=MmEwMTo0YTA6MTMzODo5Mjo6OA%3D%3D&n3pc=true

Requested by

Protocol

Server

34.232.54.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-54-150.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:19 GMT
x-pixel-event-id: e7cf254e-28ff-41d7-80e6-5a4556341f9b
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 5cebad3f556a0aa2
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Sat, 18 Mar 2023 23:36:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1679182578116&aid=a-013c&se=e30&duid=c1d235365ad0--01gvvh9g9zs79vyfyste2g5w48&tna=v2.7.0&pu=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburoncoreg18190500130323w1123%26utm_medium%3Demail%26utm_content%3DappDH%26utm_campaign%3DappDH%26token%3D96091b5788b607b2b5449591b48cbd9d&wpn=lc-bundle&c=PHRpdGxlPlByaXZhY3kgUG9saWN5IERldGFpbHMgfCBGb3J0dW5lSG9yb3Njb3BlLmNvbTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkRvIHlvdSB3YW50IHRvIGJlIHByb3ZpZGVkIHdpdGggaGlnaGx5IHJlbGV2YW50IGNvbnRlbnQ_IEhvd2V2ZXIsIGRvIHlvdSBzdGlsbCBmZWVsIHVuY2VydGFpbiBhYm91dCB5b3VyIHByaXZhdGUgZGF0YT8gT3VyIFByaXZhY3kgUG9saWN5IHdpbGwgaGVscCB5b3UgZmVlbCBzYWZlIGFuZCBzZWN1cmUhIFN0dWR5IGl0IHRvIGJlIHN1cmUgd2UgZG9uJ3QgaGF2ZSBhIHJpZ2h0IHRvIGRpc2Nsb3NlIHlvdXIgcGVyc29uYWwgZGF0YS4iPjxoMSBjbGFzcz0iY29udGVudF9fdGl0bGUiPlByaXZhY3kgUG9saWN5PC9oMT4&i6=MmEwMTo0YTA6MTMzODo5Mjo6OA%3D%3D&n3pc=true
access-control-allow-origin: https://fortunehoroscope.com
request-time: 0
access-control-allow-credentials: true
trace-id: a0ac593f6bab42bc
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 /
www.google.com/pagead/1p-user-list/865995697/ 42 B
327 B 52ms
51ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/865995697/?random=1679182577954&cv=11&fst=1679180400000&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&label=SER9COvh7NABELGX-JwD&frm=0&url=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburoncoreg18190500130323w1123%26utm_medium%3Demail%26utm_content%3DappDH%26utm_campaign%3DappDH%26token%3D96091b5788b607b2b5449591b48cbd9d&tiba=Privacy%20Policy%20Details%20%7C%20FortuneHoroscope.com&fmt=3&is_vtc=1&random=2476028886&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:36:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/865995697/ 42 B
455 B 140ms
52ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/865995697/?random=1679182577954&cv=11&fst=1679180400000&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&label=SER9COvh7NABELGX-JwD&frm=0&url=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburoncoreg18190500130323w1123%26utm_medium%3Demail%26utm_content%3DappDH%26utm_campaign%3DappDH%26token%3D96091b5788b607b2b5449591b48cbd9d&tiba=Privacy%20Policy%20Details%20%7C%20FortuneHoroscope.com&fmt=3&is_vtc=1&random=2476028886&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:36:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2608467419419540 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2608467419419540?v=2.9.99&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

70f489bb3c80fa6ea2141b242500ccf2136bd6081dafcb66cc8b1aca7120a0dd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Mar 2023 23:36:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110474
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: AyluaN6ZPTa4k/RlfLuaVnCJZ+Ebj0m/ZoDxuhj63PrU7bBc5uCBQ55Eqcv5+yuwwT4LVgzDWaHd8048zDMCuw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 84ms
40ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3940b942b9c3c9f4145a74142d719309

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17148c5554fcd0cd7578347b58bd6685a10e4d806ab9a137139caae67c84c1d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://fortunehoroscope.com/
Origin: https://fortunehoroscope.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 23:36:18 GMT
content-md5: RTma6sQ7Qww1p0dKN5L4LQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87123
x-fb-rlafr: 0
x-fb-debug: I8jE5H7HkKLp2gKYofvtEuVSmH4clLcmN+0jKSVpBP9BeUDTQWS30prlhGYUHVEVQOnqhJJbuJMJRlFA7RExxw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f3db5abdd70a78ca47b4575cae684dd2
cross-origin-opener-policy: same-origin-allow-popups
etag: "bf9bdc2e9e929eb9a9dbb186b0418b59"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 17 Mar 2024 22:30:53 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 148ms
49ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-44795223-21&cid=889471930.1679182578&jid=1293115895&gjid=435264425&_gid=692023325.1679182578&_u=aGBAAUACQAAAACAAI~&z=1739554406

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunehoroscope.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 18 Mar 2023 23:36:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fortunehoroscope.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 144ms
48ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-44795223-21&cid=889471930.1679182578&jid=1535221461&gjid=1156246419&_gid=692023325.1679182578&_u=aGDAAUADQAAAACAAI~&z=1719383281

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunehoroscope.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 18 Mar 2023 23:36:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fortunehoroscope.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 407 B
611 B 135ms
48ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fortunehoroscope.com&callback=_gfp_s_&client=ca-pub-9067164180551135

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9067164180551135&plah=fortunehoroscope.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b74f234ae318ac1950f96038783ebfae3d3a8a8971829a09459fc0ba05d73cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 143ms
49ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fortunehoroscope.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 139ms
51ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fortunehoroscope.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 65F0 4 KB
1 KB 176ms
175ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9067164180551135&output=html&adk=1812271804&adf=3025194257&lmt=1679182578&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburoncoreg18190500130323w1123%26utm_medium%3Demail%26utm_content%3DappDH%26utm_campaign%3DappDH%26token%3D96091b5788b607b2b5449591b48cbd9d&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679182578086&bpp=2&bdt=807&idt=145&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5053521634878&frm=20&pv=2&ga_vid=889471930.1679182578&ga_sid=1679182578&ga_hid=1094836666&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44777876%2C44759926%2C31072954%2C31073102%2C31073104%2C21065725&oid=2&pvsid=349627051049738&tmod=1805086071&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=165

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f548893bea180db0634511288bc4828e55bcf826414762e6e3c3ba93e8dcddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunehoroscope.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 725
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 23:36:18 GMT
expires: Sat, 18 Mar 2023 23:36:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 123ms
41ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2608467419419540&ev=PageView&dl=https%3A%2F%2Ffortunehoroscope.com%2Fprivacy%3Futm_source%3Dfhdhtofhtiburoncoreg18190500130323w1123%26utm_medium%3Demail%26utm_content%3DappDH%26utm_campaign%3DappDH%26token%3D96091b5788b607b2b5449591b48cbd9d&rl=&if=false&ts=1679182578266&sw=1600&sh=1200&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679182578265.1428018577&it=1679182578124&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Mar 2023 23:36:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame BB8E 46 KB
25 KB 65ms
65ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeiW9YUAAAAAFURhBO9f0G76vwVZw4tqxb-FW4K&co=aHR0cHM6Ly9mb3J0dW5laG9yb3Njb3BlLmNvbTo0NDM.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=2pts9v7bk18k

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a47064dd270df1c1be7d120f30613a2b63b1561d539c6271eb9df0f657ea037e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JMl_NUiUMeJq_QMTh4JHzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fortunehoroscope.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 25588
content-security-policy: script-src 'report-sample' 'nonce-JMl_NUiUMeJq_QMTh4JHzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 23:36:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 66ms
66ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-44795223-21&cid=889471930.1679182578&jid=1535221461&_u=aGDAAUADQAAAACAAI~&z=614338060

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:36:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 52ms
50ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-44795223-21&cid=889471930.1679182578&jid=1535221461&_u=aGDAAUADQAAAACAAI~&z=614338060

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:36:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 65ms
65ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-44795223-21&cid=889471930.1679182578&jid=1293115895&_u=aGBAAUACQAAAACAAI~&z=1451820881

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:36:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 54ms
54ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-44795223-21&cid=889471930.1679182578&jid=1293115895&_u=aGBAAUACQAAAACAAI~&z=1451820881

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:36:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame BB8E 55 KB
24 KB 122ms
40ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeiW9YUAAAAAFURhBO9f0G76vwVZw4tqxb-FW4K&co=aHR0cHM6Ly9mb3J0dW5laG9yb3Njb3BlLmNvbTo0NDM.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=2pts9v7bk18k

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 14:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 14:38:57 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame BB8E 407 KB
162 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 14:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166267
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 14:10:14 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 949feb7d3f630b671c0460b99023f2a832f8297b6da35f51ac48751cf2f12ac8

Request headers

Referer
Origin: https://fortunehoroscope.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b8bb8a322613354c7985ead081b57d8a9ccc0c6b0db4ee60ddab6979909acc0

Request headers

Referer
Origin: https://fortunehoroscope.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-9067164180551135&warn=12&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&apv=20230315_103635&sat=1679071352889&afm=0&as_count=0&d_count=0&ng_count=0&am_count=0&atf_count=0&mdns=0&alldns=0&allp=26&pgh=21661&abl=false&rr=n&su=fortunehoroscope.com&pvc=349627051049738&r=0.1&eid=44759875%2C44759842%2C44777876%2C44759926%2C31072954%2C31073102%2C31073104%2C21065725

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:36:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame BB8E 2 KB
2 KB 40ms
39ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:21:16 GMT
x-content-type-options: nosniff
age: 116102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 24 Mar 2023 15:21:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BB8E 15 KB
16 KB 793ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 15:27:04 GMT
x-content-type-options: nosniff
age: 202155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 15:27:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BB8E 15 KB
15 KB 802ms
49ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 277655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 18:28:44 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame BB8E 102 B
132 B 48ms
48ms Other
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e6798f5bcde77b61afb0b5d323ef9f611c3df67da2faccf4e15a954a8ead85fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeiW9YUAAAAAFURhBO9f0G76vwVZw4tqxb-FW4K&co=aHR0cHM6Ly9mb3J0dW5laG9yb3Njb3BlLmNvbTo0NDM.&hl=de&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&cb=2pts9v7bk18k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 1; mode=block
expires: Sat, 18 Mar 2023 23:36:18 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame FFC8 0
75 B 41ms
40ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://fortunehoroscope.com
Referer: https://fortunehoroscope.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://fortunehoroscope.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 23:36:19 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 v9e1rx0pdz
event.trk-keingent.com/register/event_log/ 0
0 139ms
138ms Fetch 2606:4700:e6::ac40:c317
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-keingent.com/register/event_log/v9e1rx0pdz

Requested by

Host: trk-keingent.com
URL: https://trk-keingent.com/scripts/push/script/zqd2my4gk3?url=fortunehoroscope.com&alturl=/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c317 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fortunehoroscope.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Sat, 18 Mar 2023 23:36:20 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkQrXiNxyn%2FDhec8R0pG65JCiNtBvw0sYhtSxcOk9U9CzqarhOLxiVRLmuMpayTZITRJRcwv5boZF%2FpAqaAST4ejs25GX6YGLl%2Bb6QxiyUt%2FseEjpMqJyyWNStSMvbN9Yowrzl61ibQJAZP%2BsruYO%2FDZEQP%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fortunehoroscope.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray: 7aa14c14aaf430c6-FRA
x-pushplatformapp-params

OPTIONS
H2 200 v9e1rx0pdz
event.trk-keingent.com/register/event_log/ Frame 0
0 496ms
409ms Preflight 2606:4700:e6::ac40:c317
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-keingent.com/register/event_log/v9e1rx0pdz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fortunehoroscope.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://fortunehoroscope.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7aa14c12185a30c6-FRA
content-length: 0
date: Sat, 18 Mar 2023 23:36:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sENpLyGsNAHIDhEFhtVM6BXzSvOxSZPHGxgjxR%2FRsU9zwPDF3kEz%2Fa66Nc%2BHYW8QpFb5hxD7%2FYgNamCVKl%2FSK8cn2N9InDG0AHIFJ7dpL7wslU742NIVc9Qz3NTMkua6b7zI5MJlg%2Bqq11zasDMCmrLG0l1l"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H2 200 v9e1rx0pdz
event.trk-keingent.com/register/event_log/ 0
0 140ms
140ms Fetch 2606:4700:e6::ac40:c317
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-keingent.com/register/event_log/v9e1rx0pdz

Requested by

Host: trk-keingent.com
URL: https://trk-keingent.com/scripts/push/script/zqd2my4gk3?url=fortunehoroscope.com&alturl=/privacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c317 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fortunehoroscope.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Sat, 18 Mar 2023 23:36:20 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEJ%2B9M47WQCkqkGcMyO2U9uSSE1kA6Zpw3wA4PHw11daZEcvh6QcbYASf0r6P17wId8%2BS32EKzS01fSNx6iGO6rm7OKiiU48IQA8IWEX0JR484pMt9RflhPUwVf3CPiKZ6J2MVLgA6a2QkDdD1GfGvrkCTqr"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fortunehoroscope.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray: 7aa14c14bb0c30c6-FRA
x-pushplatformapp-params

OPTIONS
H2 200 v9e1rx0pdz
event.trk-keingent.com/register/event_log/ Frame 0
0 510ms
423ms Preflight 2606:4700:e6::ac40:c317
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-keingent.com/register/event_log/v9e1rx0pdz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c317 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fortunehoroscope.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://fortunehoroscope.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7aa14c12185e30c6-FRA
content-length: 0
date: Sat, 18 Mar 2023 23:36:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1wFW0o6pqd8f1vcKlOy7V6NeBe4MkyCAUzGZrcWSXv3sAvBL%2F12XeCUdGXlkxPNYAsSSrmEptFHBqDP9KagU14mtoa8oTqGffm%2B9GnLXR8mgieIIQU2wwvz%2BxE7t726geXXlWzau3lX6cvIGlv50AqDrHJr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 136ms
54ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230315&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff3e4d68fab7ef3e80fcc48aa8563879ed674cb0cf818b361602c1e93443fa0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11368
x-xss-protection: 0

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 51ms
51ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=OPT-W4J6F48&cv=1&t=ol&g=117&p=gtag&l=809&q=715&f=93&e=17&i=35&d=-642&c=219&hc=0&sr=0.050000&ps=0.0013235330330172435&cb=769508708

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:19 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK a-013c Show response
i.liadm.com/s/c/ Frame 188A 1 KB
1 KB 640ms
124ms Document
text/html 34.226.103.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-013c?s=&cim=&ps=true&ls=true&duid=c1d235365ad0--01gvvh9g9zs79vyfyste2g5w48&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.226.103.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-103-191.compute-1.amazonaws.com

Software

Resource Hash

f324c4ebc416208731c9ab27301a619864b3d430bea2943aa168d7f83c6f0071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fortunehoroscope.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 660
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Mar 2023 23:36:20 GMT
Request-Time: 5
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 328ms
50ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 23:36:19 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8B79 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunehoroscope.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 22:56:22 GMT
expires: Sun, 17 Mar 2024 22:56:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9A1E 783 B
535 B 50ms
49ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d0a48a538e3e79e08881459062c5dd581124d85e602942772819595de48d867

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N1OhUE2Yyy_N4JNWi9a08w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fortunehoroscope.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-N1OhUE2Yyy_N4JNWi9a08w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 23:36:20 GMT
expires: Sat, 18 Mar 2023 23:36:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9A1E 0
0 75ms
73ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230315&jk=349627051049738&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B79 36 KB
14 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 08:58:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14221
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 08:58:02 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8B79 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?co7_nQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:36:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

2529f0fea0f64080bc621c3b71a67b13
i.liadm.com/s/e/a-013c/0/ Frame 188A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-013c%2F0%2F2529f0fea0f64080bc621c3b71a67b13%3Fmuid%3D%5BMM_UUID%5D&f9cc1ae2-90d1-407e-9429-5777d8ebd2b3
https://i.liadm.com/s/e/a-013c/0/2529f0fea0f64080bc621c3b71a67b13?muid=6d986416-4af4-4300-b514-f3f677bbc3ac

43 B
274 B

118ms
118ms

Image
image/gif

34.226.103.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-013c/0/2529f0fea0f64080bc621c3b71a67b13?muid=6d986416-4af4-4300-b514-f3f677bbc3ac

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-013c?s=&cim=&ps=true&ls=true&duid=c1d235365ad0--01gvvh9g9zs79vyfyste2g5w48&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Protocol

HTTP/1.1

Server

34.226.103.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-103-191.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:20 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Date: Sat, 18 Mar 2023 23:36:20 GMT
Server: MT3 569 46451a0 master cdg-pixel-x14 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://i.liadm.com/s/e/a-013c/0/2529f0fea0f64080bc621c3b71a67b13?muid=6d986416-4af4-4300-b514-f3f677bbc3ac
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 18 Mar 2023 23:36:19 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 188A 70 B
265 B 173ms
58ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-013c?s=&cim=&ps=true&ls=true&duid=c1d235365ad0--01gvvh9g9zs79vyfyste2g5w48&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 18 Mar 2023 23:36:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

52164
i.liadm.com/s/ Frame 188A
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=6e1eb5b9-c3de-446e-b49e-3ead6eefe0ba
https://x.bidswitch.net/sync?ssp=liveintent&user_id=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3
https://p.rfihub.com/cm?in=1&pub=20513&ssp=liveintent
https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336722268169750&expires=30&ssp=liveintent
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=6e1eb5b9-c3de-446e-b49e-3ead6eefe0ba

43 B
436 B

119ms
119ms

Image
image/gif

34.226.103.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=6e1eb5b9-c3de-446e-b49e-3ead6eefe0ba

Requested by

Protocol

HTTP/1.1

Server

34.226.103.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-103-191.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:21 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

location: //i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=6e1eb5b9-c3de-446e-b49e-3ead6eefe0ba
date: Sat, 18 Mar 2023 23:36:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

2529f0fea0f64080bc621c3b71a67b13
i.liadm.com/s/e/a-013c/0/ Frame 188A
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-013c%2F0%2F2529f0fea0f64080bc621c3b71a67b13%3Fmuid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-013c%2F0%2F2529f0fea0f64080bc621c3b71a67b13%3Fmu...
https://i.liadm.com/s/e/a-013c/0/2529f0fea0f64080bc621c3b71a67b13?muid=18597781003159017094111709859931639553

43 B
274 B

203ms
118ms

Image
image/gif

34.226.103.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-013c/0/2529f0fea0f64080bc621c3b71a67b13?muid=18597781003159017094111709859931639553

Requested by

Protocol

HTTP/1.1

Server

34.226.103.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-103-191.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:20 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-1-v046-025f2aae7.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: K50x8bFLQLY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-013c/0/2529f0fea0f64080bc621c3b71a67b13?muid=18597781003159017094111709859931639553
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 188A
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3&rd=Y

43 B
603 B

195ms
194ms

Image
image/gif

184.30.17.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3&rd=Y

Requested by

Protocol

Server

184.30.17.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-14.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Sat, 18 Mar 2023 23:36:20 GMT
pragma: no-cache
date: Sat, 18 Mar 2023 23:36:20 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f9cc1ae2-90d1-407e-9429-5777d8ebd2b3&rd=Y
pragma: no-cache
date: Sat, 18 Mar 2023 23:36:20 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sat, 18 Mar 2023 23:36:20 GMT

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame 188A 43 B
372 B 136ms
48ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-013c?s=&cim=&ps=true&ls=true&duid=c1d235365ad0--01gvvh9g9zs79vyfyste2g5w48&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sat, 18 Mar 2023 23:36:20 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220034-HHN
server: nginx
x-timer: S1679182580.296359,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

35004
i6.liadm.com/s/ Frame 188A
Redirect Chain

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

43 B
436 B

474ms
118ms

Image
image/gif

2600:1f18:ed:550a:167:31e0:ce26:2606
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:ed:550a:167:31e0:ce26:2606 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:36:21 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Date: Sat, 18 Mar 2023 23:36:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230315&jk=349627051049738&bg=!BgWlBVHNAAZEjmHWZI47ADkAdvg8Wv0stcOs4bTXCjFsvTEl1Plh7iGhkSDblfaDitBadJWjtao6O60zjYH4A5wyKDnIOssZiAICAAAARFIAAAAEaAEHmQK1XJs5JcvoRnWnwXtNSFucZoigumUaVXTXlSX_fVdEjPhWn2k9bE3iH35OBC8EgIYAXePcyFz0FqLt2A0bBros75wYe9lVnuUaBKQcPJA41bK5WtbV-wYBu_r2YctcmyIGKTWcd9-vdeGYHkIKiSwPNQpP5zld2j-dwBE6TBXwJ-sG6OXoqJQPlR-CeuiC-u03K9FBc7sg47sYIW2TBagirNzkV1YF3Y3ebf-vhBaR_X0pNdMUV_t6Oo6zhs7sQNPO12AYjuilJthLtebgKaGXowYWt49ryYd9MZCLdrVO_3xy9Kbm21so2wRwt6ipA52db8Q3o8F6YMP6mvJ4Gybx-e2NiC8FxNV6Z_wSWxjeaW3BcbbIgmfL5TkNgyxvXnzyYyGxd3qpw09BcxsluYAkhkuZkzKN63TPnV8ZERoCixm_gKYbcsW2MsL2YjSWNFbfnqkVNacbej0-D3nIvrk3QNSgaMDMPb3ZJ9PXbDK36vl_CcmdCVbcuJL_DtbXvss5qCBhmyRTIQh2e18jTyFdsIVYzjEHjdAGzJTrIag4ZyVzEKaXVSfzB_kmmZJfbekkfZwDG54191YgTf0ICp5kKVvVXoywojcLrzwDoI_WlJ9a8XAkZB6mEsZKa6AvGATdBaTT5-ftoRbPCYdrVnHNuE7sTmlvW6EMdCU-41QLj-eaU-i4QgIz6nuvsvtd4PYNJL6Nj2BNthNreG76N3TCwl-2gybuBDjJHiLsnyX2WZnExKpdjGEkd9YTh-zWiGvcXeC_wIK4qgbuP2Bwew-TGmw2j1RmwDb625x-H0rloDMBWo-J0GJR6KeHJOROGgUDSs3T13Fj9v3kAgLQwNVWOWcYZLnJBU0cRq28kNJ8BQ2P2jaWepnUBvVaZA1GVTCNV-ffeM3AN_e4DhdvcimsMER59RR_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fortunehoroscope.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 11:09:34	Name: _li_ss Value: CkUKBQgKEM4UCgUIeRDOFAoFCAYQzhQKBgiBARDOFAoFCAwQ2BQKCQj_____BxDYFAoFCAsQzhQKBgiLARDOFAoFCH4QzhQ
fortunehoroscope.com/	1970-01-20 10:26:24	Name: sc Value: hhohiuocrgmifdtftbrno10110197108
fortunehoroscope.com/	1970-01-20 20:02:22	Name: PHPSESSID Value: sa4lo0q9kpd8ia8njb08indag9
.fortunehoroscope.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .fortunehoroscope.com
.fortunehoroscope.com/	1970-01-20 20:02:22	Name: _lc2_fpi Value: c1d235365ad0--01gvvh9g9zs79vyfyste2g5w48
.fortunehoroscope.com/	1970-01-20 20:02:22	Name: _ga Value: GA1.2.889471930.1679182578
.fortunehoroscope.com/	1970-01-20 10:27:48	Name: _gid Value: GA1.2.692023325.1679182578
.fortunehoroscope.com/	1970-01-20 10:26:22	Name: _gat_gtag_UA_44795223_21 Value: 1
.fortunehoroscope.com/	1970-01-20 10:26:22	Name: _gat_UA-44795223-21 Value: 1
.fortunehoroscope.com/	1970-01-20 12:35:58	Name: _fbp Value: fb.1.1679182578265.1428018577
.fortunehoroscope.com/	1970-01-20 19:47:58	Name: __gads Value: ID=a8162388615342bd-220bcaee5ddd00dd:T=1679182578:RT=1679182578:S=ALNI_MZfEuUwEvdG1ZIWeDKz6RsrGRTZkw
.fortunehoroscope.com/	1970-01-20 19:47:58	Name: __gpi Value: UID=00000bc8227c5994:T=1679182578:RT=1679182578:S=ALNI_MYUoYOCdsL5br35rahONy-TbydNkA
.doubleclick.net/	1970-01-20 19:47:58	Name: IDE Value: AHWqTUkoiHjPfvhSp3vXk9kOZIc2CJUPlip1cadGS3O26O6tLWxPKxbSEGI6dsvgcjk
.liadm.com/	1970-01-20 20:02:22	Name: lidid Value: f9cc1ae2-90d1-407e-9429-5777d8ebd2b3
fortunehoroscope.com/	1970-01-20 10:26:22	Name: _liChk Value: 0.9773966502472453
.bidswitch.net/	1970-01-20 19:11:58	Name: tuuid Value: 6e1eb5b9-c3de-446e-b49e-3ead6eefe0ba
.bidswitch.net/	1970-01-20 19:11:58	Name: c Value: 1679182580
.bidswitch.net/	1970-01-20 19:11:58	Name: tuuid_lu Value: 1679182580
.mathtag.com/	1970-01-20 19:52:17	Name: uuid Value: 6d986416-4af4-4300-b514-f3f677bbc3ac
.demdex.net/	1970-01-20 14:45:34	Name: demdex Value: 18597781003159017094111709859931639553
.addthis.com/	1970-01-20 19:56:36	Name: na_id Value: 2023031823362000012653902547
.addthis.com/	1970-01-20 19:56:36	Name: na_tc Value: Y
.addthis.com/	1970-01-20 19:56:36	Name: uid Value: 64164af4e5f22277
.addthis.com/	1970-01-20 19:56:36	Name: ouid Value: 64164af40001f18c9dd627477422cb4c097d6827d5822e3e836d
.dpm.demdex.net/	1970-01-20 14:45:34	Name: dpm Value: 18597781003159017094111709859931639553
.dlx.addthis.com/	1970-01-20 11:09:34	Name: na_sc_x Value: 1
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjIyszA0szQ3NRDiM9QNSjI2dCpPSU4Jc6oAAKKuJCElAAAA
.rfihub.com/	1970-01-20 19:47:58	Name: eud Value: H4sIAAAAAAAA_1vFwmtoZm5paGFkamFoaGAIADpJ3qwQAAAA
.rfihub.com/	1970-01-20 19:47:58	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjIyszA0szQ3NRDiM9QNSjI2dCpPSU4Jc6oAAKKuJCElAAAA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fortunehoroscope.com/src/js.cookie.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	error	URL: https://fortunehoroscope.com/privacy?utm_source=fhdhtofhtiburoncoreg18190500130323w1123&utm_medium=email&utm_content=appDH&utm_campaign=appDH&token=96091b5788b607b2b5449591b48cbd9d Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM platformdirectads.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
b-code.liadm.com
b1sync.zemanta.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
dpm.demdex.net
event.trk-keingent.com
fonts.gstatic.com
fortunehoroscope.com
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
match.adsrvr.org
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
rp.liadm.com
rp4.liadm.com
stats.g.doubleclick.net
sync.mathtag.com
tpc.googlesyndication.com
trc.taboola.com
trk-keingent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
x.dlx.addthis.com
xr.captain-star.com
165.232.159.158
176.9.209.36
184.30.17.14
185.29.134.248
193.0.160.131
2001:4de0:ac18::1:a:3a
2600:1f18:730:b140:318:4480:a19a:ad9
2600:1f18:ed:550a:167:31e0:ce26:2606
2600:9000:223c:1e00:8:8845:1500:93a1
2606:4700::6811:190e
2606:4700:e6::ac40:c317
2a00:1450:4001:801::2002
2a00:1450:4001:806::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::300
3.64.174.171
34.226.103.191
34.232.54.150
35.71.131.137
54.194.182.124
64.202.112.63
00ec2239860f172e162037eed3e988ba27359102c5b40a9f3824cabe0a0c1949
01f34fa0a0ee5fed2e68cacb640f2362c0d3d9475b6a53a13aa41c8a724d78f9
078b572e0fc1aa0c55adf03b017fda4d7f79a4649944c81245b2897a862bf7ca
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
0ad68e1c336d4faed099d583cb14ea96efa94ff2cc9ba9d4eb9e1ac64462ae52
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
1464cbbe595651b4e221a52c32c6a3e03e4e120ccc81effcd773367515bb1e6d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17148c5554fcd0cd7578347b58bd6685a10e4d806ab9a137139caae67c84c1d0
19b085e8b36bfdfb510d6452bf06491aa352449e5577d045a25778478a93dcb6
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d0a48a538e3e79e08881459062c5dd581124d85e602942772819595de48d867
1d9dc69b6b5e6eab7c5a6f7082e787d624029ba829184a5b6305ae1ad65a8982
2b8bb8a322613354c7985ead081b57d8a9ccc0c6b0db4ee60ddab6979909acc0
2b9a95a461774964dcd7f852056e3efbaa5c9461add0d81dc6687e1474df8ae3
30817cd840a829ad5272e7e87e0b6bca67c263065c76422ba418d790e19cf6b2
30b4fdd3106974e4470262da0388ade180e3d7f2f53e2e71e9f66c7c871907be
3142d7b242aad746f435b595f58cc6fe3bbf8e8062788fbdff617e53edf90b50
36e5e03f52ae0c896263c626146c3a6c3535c2232ecbd17a1b08acbd9540c478
3946268c0fc98748f3ebb080ea17976c23870e895219893f9ecf2292bfdca13a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
406fdf5cfe291207b943924e16a7293ce07ee8cc7f78de395742f1f81527ad3e
43f7a04c04b3a6d8c091d1e6485b97d340804cb210ad66f863e144e150bdfb17
454e738af55df03c92023e3dde7c86c5f0c020a71c086d96398dd425e73faa64
533788c8485496a53a188d29b7fe5f21853f07181f369fd416fe301f116388f9
5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f0aaad3676ab5980503960fcd80d79a396d2f334e90cdc20f398d9f9cdbbe16
5f548893bea180db0634511288bc4828e55bcf826414762e6e3c3ba93e8dcddb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63db35ccdc87bc7e5030bf99c2d0c30b118a5acde9dffd0adcc32d7bc654480f
658582b0b5e19d66922542d1944992ae9b931c3bb87499a072d441480070a09d
6f0f0a55c1c1f978b252b2aee1d6383b64499f349491aa5db719c7ace06d7f8d
70f489bb3c80fa6ea2141b242500ccf2136bd6081dafcb66cc8b1aca7120a0dd
73b3f8198e37e3598634e4b48f77ffad460b5d95354592d4b81d963df56ba3f8
73d4081089c02023c399c3503c1913081d65d282951b43e9f8b86697aef52f60
752d510e1c97335217bbac462ff2c08dced3348ffe3fd866f2b167e9439574d2
7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343
7b14cbb363bf4962b25f7aba673e62d9c5229903220d64f8165a6f07828000ea
8113f0f1e952e6b757353279dedcff2e76ab5560fdf6d1e3af6de766a1c69415
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8622d49bd1a1c65c4ab5edf2ccca30a6041bb7f5c8fddcc3620cf29b903cf35b
87938357eb86e00485493dc097978bac3434c58c2dc6213bdb5d2a66bf647987
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90620d3353d508ee28da0ac531bc53e5224c37bed99f5db5732ab425eef66275
912baaeee4c4c2e2749081a5fbac158950481da90e088ea5687a0dab3b25c2d8
949feb7d3f630b671c0460b99023f2a832f8297b6da35f51ac48751cf2f12ac8
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
960500680872c0088bcbca123310e96f7105ad6f0b71312ac612f83899a3d1a4
99654f54b2fbb6f163867f436087dbf87215600bc1e3285597f7b26bc5671d0b
9c381694d6b032375d82c2b80efbf1289eb9f6c3372cf4c43e4a2e3b21943d7a
a4009ac9cc2a7b7760cf90852437f5452f4a8a1eeeeb1c719960aa521e5744ed
a47064dd270df1c1be7d120f30613a2b63b1561d539c6271eb9df0f657ea037e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
affa97dbb56a9a2b4634bf7eb510b32905d0596cb211669c0dfafa4fd2fa902d
b0998e742a28bc6407f6710342b2c6963242e9bb83803689882346a8b1d2a826
b74f234ae318ac1950f96038783ebfae3d3a8a8971829a09459fc0ba05d73cd0
ba2f57e32fe53f68878070d6a2d276c5b6f102f5188e185d3f745bc316459022
be8eb019a4e69bead8d7fb3ccb56dad5550fea3f585a2e249cbfe3d0b6a4cf53
bee7af5c40f5020c5d151cadf40055e71658f6d16317776eded35e42b3174445
bfb8a5a8b898380ba7efbab5e2f1d6b6aba879ebb93d2c34d5b2cbf05b778c27
c271b7d82596ae48b37859fc64b6d9bad0943838134582c60ac110899f86bce1
c650a1b9c263c60111eedec130756af8cee936dd4025f28fbeafbe682e1afd3d
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d10d2c47828a33c284a7c77a0f570f8d360186cd4549db7b24e0fe5c4d2cfc6e
d34f0697be8005a3e8fdfe6803bb0c27a9ab2ec6730948e2198fb3b762b69105
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46f984735ebda3b8db030c31043afb04a9cbd664054eb7036e0d3fb279a8962
e662d03c88147cae77171d2a8c9fd63d7ec272d0d98f84e147b299e1b0b1f54a
e6798f5bcde77b61afb0b5d323ef9f611c3df67da2faccf4e15a954a8ead85fb
eadb4ec6dbd7c4bbe7ea92150ca359caea46adc9151f719c35d5001811dddc98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f324c4ebc416208731c9ab27301a619864b3d430bea2943aa168d7f83c6f0071
f39e22a15d3bfb876c091799ef2bc4b25ad891f60e8a0935b8e7d69b9fba49e8
fd3d83d5b999419e5cd8568f3b3116e93843567e7421213ff7d06b9f30a7bbd6
ff3e4d68fab7ef3e80fcc48aa8563879ed674cb0cf818b361602c1e93443fa0d

fortunehoroscope.com Open in urlscan Pro 165.232.159.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

94 %HTTPS

67 %IPv6

24 Domains

34 Subdomains

27 IPs

6 Countries

1691 kBTransfer

3893 kBSize

29 Cookies

13 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fortunehoroscope.com Open in urlscan Pro
165.232.159.158 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

94 %
HTTPS

67 %
IPv6

24
Domains

34
Subdomains

27
IPs

6
Countries

1691 kB
Transfer

3893 kB
Size

29
Cookies

98 HTTP transactions
8 data transactions