www.esmeraldavoyance.com Open in urlscan Pro
163.172.143.73 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trycars.net/?MTQzNzUzOTYyPTI0MjU0JjIyNTg0MjI9MzgyJjM3PWNsaWNrJm92ZTZ1dT04JmxpZD0yNDc3Ng==
Effective URL:
https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/adver...
Submission: On July 18 via api (July 18th 2019, 9:04:23 pm UTC) from BE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 16 domains to perform 41 HTTP transactions. The main IP is 163.172.143.73, located in France and belongs to AS12876, FR. The main domain is www.esmeraldavoyance.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 9th 2019. Valid for: 3 months.

This is the only time www.esmeraldavoyance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	71.6.220.98 71.6.220.98	10439 (CARINET) (CARINET - CariNet)
1 1	52.50.109.222 52.50.109.222	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	18.203.122.48 18.203.122.48	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
21	163.172.143.73 163.172.143.73	12876 (AS12876) (AS12876)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
1	52.85.183.245 52.85.183.245	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	2a00:1450:400... 2a00:1450:400c:c02::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	104.155.63.91 104.155.63.91	15169 (GOOGLE) (GOOGLE - Google LLC)
41	12

1 71.6.220.98 (San Diego, United States) 1 redirects

ASN10439 (CARINET - CariNet, Inc., US)
PTR: trycars.net

trycars.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.109.222 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-109-222.eu-west-1.compute.amazonaws.com

affiliate.lightyroad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.122.48 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-203-122-48.eu-west-1.compute.amazonaws.com

haof.hoeontrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 163.172.143.73 (France)

ASN12876 (AS12876, FR)
PTR: aff01.esmfr.newlotusweb.net

www.esmeraldavoyance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.183.245 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-183-245.fra50.r.cloudfront.net

cdn.powerspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9a (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.155.63.91 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 91.63.155.104.bc.googleusercontent.com

an.pwspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	esmeraldavoyance.com www.esmeraldavoyance.com	287 KB
4	google-analytics.com 1 redirects www.google-analytics.com	19 KB
3	facebook.com www.facebook.com	732 B
3	facebook.net connect.facebook.net	96 KB
2	google.de www.google.de	218 B
2	google.com 2 redirects www.google.com	382 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	516 B
1	pwspace.com an.pwspace.com	271 B
1	powerspace.com cdn.powerspace.com	2 KB
1	taboola.com cdn.taboola.com trc.taboola.com Failed	12 KB
1	outbrain.com amplify.outbrain.com tr.outbrain.com Failed amplifypixel.outbrain.com Failed	3 KB
1	googleapis.com fonts.googleapis.com	742 B
1	googletagmanager.com www.googletagmanager.com	33 KB
1	hoeontrack.com 1 redirects haof.hoeontrack.com	2 KB
1	lightyroad.com 1 redirects affiliate.lightyroad.com	2 KB
1	trycars.net 1 redirects trycars.net	393 B
41	16

	Domain	Requested by
21	www.esmeraldavoyance.com	www.esmeraldavoyance.com
4	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com www.esmeraldavoyance.com
3	www.facebook.com	www.esmeraldavoyance.com
3	connect.facebook.net	www.esmeraldavoyance.com connect.facebook.net
2	www.google.de	www.esmeraldavoyance.com
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
1	an.pwspace.com	cdn.powerspace.com
1	cdn.powerspace.com	www.esmeraldavoyance.com
1	cdn.taboola.com	www.esmeraldavoyance.com
1	amplify.outbrain.com	www.esmeraldavoyance.com
1	fonts.googleapis.com	www.esmeraldavoyance.com
1	www.googletagmanager.com	www.esmeraldavoyance.com
1	haof.hoeontrack.com	1 redirects
1	affiliate.lightyroad.com	1 redirects
1	trycars.net	1 redirects
0	trc.taboola.com Failed	cdn.taboola.com
0	amplifypixel.outbrain.com Failed	www.esmeraldavoyance.com
0	tr.outbrain.com Failed	www.esmeraldavoyance.com
41	19

This site contains no links.

Subject Issuer	Validity	Valid
esmeraldavoyance.com Let's Encrypt Authority X3	`2019-06-09` - `2019-09-07`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-03-14`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-01` - `2019-09-07`	5 months	crt.sh
cdn.powerspace.com Amazon	`2019-01-15` - `2020-02-15`	a year	crt.sh
www.google.de Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
an.pwspace.com Let's Encrypt Authority X3	`2019-05-24` - `2019-08-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
Frame ID: 6A586828977A9C726550351EC93B465C
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://trycars.net/?MTQzNzUzOTYyPTI0MjU0JjIyNTg0MjI9MzgyJjM3PWNsaWNrJm92ZTZ1dT04JmxpZD0yNDc3Ng== HTTP 302
http://affiliate.lightyroad.com/aff_c?offer_id=2384&aff_id=1001&aff_sub2=382_89.163.249.54_37_193.9.114.59&a... HTTP 302
https://haof.hoeontrack.com/aff_c?offer_id=412&aff_id=2517&url_id=8887&file_id=13185&source=1001&aff_sub... HTTP 302
https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/10... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

41
Requests

93 %
HTTPS

50 %
IPv6

16
Domains

19
Subdomains

12
IPs

6
Countries

452 kB
Transfer

1124 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trycars.net/?MTQzNzUzOTYyPTI0MjU0JjIyNTg0MjI9MzgyJjM3PWNsaWNrJm92ZTZ1dT04JmxpZD0yNDc3Ng== HTTP 302
http://affiliate.lightyroad.com/aff_c?offer_id=2384&aff_id=1001&aff_sub2=382_89.163.249.54_37_193.9.114.59&aff_sub3=143753962_2258422_24776 HTTP 302
https://haof.hoeontrack.com/aff_c?offer_id=412&aff_id=2517&url_id=8887&file_id=13185&source=1001&aff_sub=BE&sub2=102816d05d6f047e26a63fd2f85803&sub3=0&sub4=0 HTTP 302
https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1027223117&gjid=1805582669&_gid=1707326285.1563483831&_u=aGBAgEAL~&z=1438404870 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1027223117&_v=j77&z=1438404870 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1027223117&_v=j77&z=1438404870&slf_rd=1&random=1741105323

Request Chain 36

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1886449495&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Flanding_page%2F29&dp=%2Flanding_page%2F29&ul=en-us&de=UTF-8&dt=Votre%20horoscope%202019%20est%20d%C3%A9j%C3%A0%20pr%C3%AAt%2C%20il%20est%20stup%C3%A9fiant&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&cn=Affiliation%3A%20Affiliate%202517%2C%20Offer%20412%2C%20Source%201001&cs=Affiliation%3A%20Source%201001&cm=affiliate&cc=Affiliation%3A%20File%2013185&ec=Landing%20Page&ea=Funnel&el=Step1&_u=aGDAAEAL~&jid=1576160835&gjid=487819226&cid=1047115626.1563483831&tid=UA-74205254-9&_gid=1707326285.1563483831&_r=1&gtm=2wg7f1P9W78J7&cd2=New%20Visitor&cd3=8887&cd4=1001&cd5=13185&cd6=2517&cd7=412&cd8=10219b0d9f0b4251ae2964f2aa432f&cd9=21&cd11=BE&cd19=29&z=991936742 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1576160835&_gid=1707326285.1563483831&gjid=487819226&_v=j77&z=991936742 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1576160835&_v=j77&z=991936742 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1576160835&_v=j77&z=991936742&slf_rd=1&random=211245070

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
Redirect Chain

http://trycars.net/?MTQzNzUzOTYyPTI0MjU0JjIyNTg0MjI9MzgyJjM3PWNsaWNrJm92ZTZ1dT04JmxpZD0yNDc3Ng==
http://affiliate.lightyroad.com/aff_c?offer_id=2384&aff_id=1001&aff_sub2=382_89.163.249.54_37_193.9.114.59&aff_sub3=143753962_2258422_24776
https://haof.hoeontrack.com/aff_c?offer_id=412&aff_id=2517&url_id=8887&file_id=13185&source=1001&aff_sub=BE&sub2=102816d05d6f047e26a63fd2f85803&sub3=0&sub4=0
https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/

45 KB
13 KB

693ms
80ms

Document
text/html

163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

fb53823e4451c70fbbb0001b822f8421b83296579380ccf1dedb5e776428e3ee

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.esmeraldavoyance.com
:scheme: https
:path: /haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 18 Jul 2019 21:03:50 GMT
server: esm-fr-WEB
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000;
set-cookie: oraculumsession=YTo1OntzOjEwOiJzZXNzaW9uX2lkIjtzOjMyOiJhMTFlYjg0ZWJlMWIwN2Q1ZTE1NzAxNDA3MWQyZWJmYiI7czoxMDoiaXBfYWRkcmVzcyI7czoxMjoiMTkzLjkuMTE0LjU5IjtzOjEwOiJ1c2VyX2FnZW50IjtzOjUwOiJNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcCI7czoxMzoibGFzdF9hY3Rpdml0eSI7aToxNTYzNDc2NjMwO3M6OToidXNlcl9kYXRhIjtzOjA6IiI7fQ%3D%3Ddaa8354f2495670b696afd37276c1167; expires=Thu, 18-Jul-2019 23:03:50 GMT; Max-Age=7200; path=/; domain=.esmeraldavoyance.com; secure; HttpOnly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
referrer-policy: no-referrer-when-downgrade
x-permitted-cross-domain-policies: none
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 18 Jul 2019 21:03:50 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
P3P: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx/1.13.12
Set-Cookie: aff_ran_url_412=8887; expires=Fri, 19 Jul 2019 21:03:50 GMT; path=/; enc_aff_session_412=ENC03f8c7e4e27692ad38e113f931afa9f88515713a137c782c3ac2b0eb7202f1b96a357274bd16664bc935f318368d9c3baa3ae1a9b0b6f5666e3c8016aea2c939099155d97c5fd79995c7898bcaed178ded90033d4d707a10f011feff7d6d069bc3cd66b3315a71f269d4917dfca519a184e43abe904787d30b25c7d86d118d3c865e78892fc386b867e89a0b848c35b8428fdb3fe7fbff4812a50343f033189181130f1159; expires=Sun, 18 Aug 2019 21:03:50 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Sun, 12 Jun 2022 07:43:50 GMT; path=/;
tracking_id: 10219b0d9f0b4251ae2964f2aa432f
X-Robots-Tag: noindex, nofollow
Content-Length: 372
Connection: keep-alive

GET
H2 200 esmeralda_speak.gif
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing24/images/ 24 KB
24 KB 55ms
54ms Image
image/gif 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing24/images/esmeralda_speak.gif

Requested by

Host: www.esmeraldavoyance.com
URL: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

0d0a0fee06c8ac1a9dcf88e4cb8d7046ae9045355c9b21e59908b14197cca545

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 24025
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "5e9c-5774e998fb947-br"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 next_button.png
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/ 2 KB
2 KB 55ms
55ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/next_button.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

5f66f8b3be1c1e37b7a7b3b52872687c3a55ae6a6e18143107aa0d6f1ca0ea32

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 2481
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "9ce-5774e998f6b26-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 send-me_2.png
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/ 4 KB
4 KB 110ms
109ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/send-me_2.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

12d2f68ea70f609647cb315795a89ecae4ff16408c7da6fb6d91248a1a315cb0

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 4032
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "fbc-5774e998f6b26-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 slide_1.png
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/slide/ 11 KB
11 KB 84ms
83ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/slide/slide_1.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

7fe34a15f91c139fcfd72b0432bdf9dee4db568663171844326c66e1779d9a05

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 11122
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "2c12-5774e998f6b26-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 slide_2.png
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/slide/ 11 KB
11 KB 93ms
92ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/slide/slide_2.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

e54a575349b428fb429b2f18b2ede43e040e09c1bfb01921d2703274abd7de15

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 11605
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "2dc4-5774e998f6b26-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 slide_3.png
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/slide/ 12 KB
12 KB 93ms
92ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/slide/slide_3.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

800c885177b1235a5ec38acdf99661c7dcb6b24a78caec2d9fe799ffcef31349

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 12321
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "3092-5774e998f6b26-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 bootstrap.min.css
www.esmeraldavoyance.com/assets/uicommon/css/libs/bootstrap/3.3.7/ 118 KB
18 KB 138ms
138ms Stylesheet
text/css 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/css/libs/bootstrap/3.3.7/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 18167
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:29 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "1d970-5774e997887ae-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 style.min.css
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/css/ 5 KB
2 KB 55ms
54ms Stylesheet
text/css 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/css/style.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

83a6c0dc77bd6b1522523d7994844c074ecc808dfa0bb7eb248b1ccf2e1587af

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 1611
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "1594-5774e99905587-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 main.min.css
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/css/ 2 KB
750 B 113ms
113ms Stylesheet
text/css 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/css/main.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

4394f076c1adf478bab8407bcf73e968fcbc5adc08d07848970679f70c150a91

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 689
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "907-5774e99905587-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/js/libs/jquery/1.9.1/ 90 KB
31 KB 135ms
134ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/js/libs/jquery/1.9.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 31771
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "169d5-5774e9983d25a-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
33 KB 29ms
15ms Script
application/javascript 2a00:1450:4001:81f::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P9W78J7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0586ebb46e2f7e38bcef3fe9f5f951639ec5ed0d105bdeed193597922f14672e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 33078
x-xss-protection: 0
expires: Thu, 18 Jul 2019 21:03:51 GMT

GET
DATA 200
OK truncated
/ 106 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7069ff506334126be902504a7df020cc18779728360181af27ae226e57a730a5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 background.jpg
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/images/ 45 KB
41 KB 128ms
128ms Image
image/jpeg 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/images/background.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

f2a1ddf893ef3f5ecf7416ec4fed40f5c8b4aaf673971ad1d29a54c2eac9c58c

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 41828
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "b3da-5774e99905587-br"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 sprite.png
www.esmeraldavoyance.com/assets/uicommon/images/zodiac/theme10/ 59 KB
60 KB 127ms
127ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/images/zodiac/theme10/sprite.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

7c97960ad1272b6be0b3c9318231f449668272a5af8e5ab5169ca1bb5e324ad5

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 60844
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "eda8-5774e998299d9-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 2 KB
742 B 27ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

c7b8a4a350a089a72929b19cbee1fc216c89cb8784bca9a813012d7a2504936f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 18 Jul 2019 21:03:51 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 18 Jul 2019 21:03:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Thu, 18 Jul 2019 21:03:51 GMT

GET
H2 200 steps_manager.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/js/ 5 KB
2 KB 49ms
49ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/js/steps_manager.min.js?v=1.0.56

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

b7c3f9fa7fa7abdb345f9ace16440177843691936c7ec3c576f2ebed491cbf5d

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 1576
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Nov 2018 09:29:54 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "14b6-57b3d826b768c-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 bootstrap.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/js/libs/bootstrap/3.3.7/ 36 KB
9 KB 70ms
69ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/js/libs/bootstrap/3.3.7/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 9522
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "90b5-5774e99830f09-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 mailcheck.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/js/libs/jquery/plugins/mailcheck/1.1/ 2 KB
970 B 42ms
41ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/js/libs/jquery/plugins/mailcheck/1.1/mailcheck.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

7090005d203e5e17807ca94e1992fd57076443c8a0aad133803acdc40a1a13ed

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 909
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "8f9-5774e9983f96a-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 lib.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/js/libs/internal/ 4 KB
2 KB 71ms
71ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/js/libs/internal/lib.min.js?v=1.0.56

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

b3984a514f7c72a70c5074b8bebb588a7eaf423067c52dbe791e29f13b91a4a1

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 1500
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "edc-5774e9983ab4a-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 form_validation.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/js/libs/internal/ 8 KB
1 KB 70ms
70ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/js/libs/internal/form_validation.min.js?v=1.0.56

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

0a95b7f6a206f86b8e254fc766d436bdb967fa82fd6a527e250c63c49566b630

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 1148
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "1e7a-5774e9983ab4a-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 respond.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/js/libs/respond/1.4.2/ 4 KB
2 KB 59ms
59ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/js/libs/respond/1.4.2/respond.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 1972
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "1119-5774e9984207a-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
18 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9W78J7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 21:35:04 GMT
server: Golfe2
age: 5772
date: Thu, 18 Jul 2019 19:27:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17707
expires: Thu, 18 Jul 2019 21:27:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 85 KB
23 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

db04a49b93b18d92b102b50dff25ecb06f6aedd156f442bb8d4dc9f2e3a66a34

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 22680
x-xss-protection: 0
pragma: public
x-fb-debug: EbD6+oSoHVXKy8iSIQAKAFzyYhwl9Hy3HYLj/5ZaC6L4wWUO8t3KfcJihEXV3GSZG+VCXMUmYota+Liifs+YsA==
x-fb-trip-id: 2000377899
date: Thu, 18 Jul 2019 21:03:51 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 5 KB
3 KB 95ms
24ms Script
application/x-javascript 2.18.234.190
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.esmeraldavoyance.com
URL: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1c7927b3b67ac0b96d279dcc9b830963f7d3a16ab0b1cc02f346f5df0dac0ceb

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 21:03:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 May 2019 14:54:26 GMT
Server: Apache
ETag: "0eec214150d4f41d2863fa9dce77081d:1557240866"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2230
Expires: Thu, 18 Jul 2019 21:23:51 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1200459/ 34 KB
12 KB 100ms
28ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1200459/tfa.js
Requested by: Host: www.esmeraldavoyance.com
URL: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7d993c1620f97ae46890ae2d3323060aa24f51ad56f951cf747bfde986bfef0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: EOgA4FJacpdhHCJbJSymP7nodqFyNbR_
content-encoding: gzip
age: 58
x-cache: HIT
status: 200
date: Thu, 18 Jul 2019 21:03:51 GMT
x-amz-replication-status: COMPLETED
content-length: 11399
x-amz-id-2: b3KcQL/sWkNyXt4vxn5pwcybthgRUE6mxX7RbyNBKgDctU01Qp/QuS0oDb6xLqxrhFL+oePPA1I=
x-served-by: cache-fra19133-FRA
last-modified: Tue, 09 Jul 2019 11:33:28 GMT
server: AmazonS3
x-timer: S1563483831.169631,VS0,VE0
etag: "fd8c38d4b90a229398e5b4bd4fb96149"
vary: Accept-Encoding
x-amz-request-id: CF1745AF839D6C3A
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 9
x-cache-hits: 1

GET
H/1.1 200
OK bt.js Show response
cdn.powerspace.com/ 3 KB
2 KB 1106ms
22ms Script
application/javascript 52.85.183.245
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.powerspace.com/bt.js
Requested by: Host: www.esmeraldavoyance.com
URL: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.183.245 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-183-245.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18d1737785b22974e393ce2c06bd072431b035d71018f819f455c8e09173beaf

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 18 Jul 2019 11:27:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Mar 2019 10:51:15 GMT
Server: AmazonS3
Age: 34571
Vary: Accept-Encoding
x-amz-meta-version: 2.4.2
Content-Type: application/javascript
Via: 1.1 7922e01ab53e8f36477272573223ab35.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: bfgqajEKeLyHxprwDbxytxxOyi-8NnpziHH2dQ4n7o7OxW5KseCwFw==

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 20:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 1801
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1296
x-xss-protection: 0
expires: Thu, 18 Jul 2019 21:33:50 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
197 B 6ms
5ms Image
image/gif 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j77&a=1886449495&t=pageview&_s=1&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Flanding_page%2F29&dp=%2Flanding_page%2F29&ul=en-us&de=UTF-8&dt=Votre%20horoscope%202019%20est%20d%C3%A9j%C3%A0%20pr%C3%AAt%2C%20il%20est%20stup%C3%A9fiant&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&cn=Affiliation%3A%20Affiliate%202517%2C%20Offer%20412%2C%20Source%201001&cs=Affiliation%3A%20Source%201001&cm=affiliate&cc=Affiliation%3A%20File%2013185&_u=aGBAgEAL~&jid=1027223117&gjid=1805582669&cid=1047115626.1563483831&tid=UA-74205254-9&_gid=1707326285.1563483831&gtm=2wg7f1P9W78J7&cd2=New%20Visitor&cd3=8887&cd4=1001&cd5=13185&cd6=2517&cd7=412&cd8=10219b0d9f0b4251ae2964f2aa432f&cd9=21&cd11=BE&cd19=29&z=2104172449

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jul 2019 08:16:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 737230
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1027223117&gjid=1805582669&_gid=1707326285.1563483831&_u=aGBAgEAL~&z=1438404870
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1027223117&_v=j77&z=1438404870
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1027223117&_v=j77&z=1438404870&slf_rd=1&random=1741105323

42 B
109 B

31ms
30ms

Image
image/gif

2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1027223117&_v=j77&z=1438404870&slf_rd=1&random=1741105323

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2019 21:03:51 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jul 2019 21:03:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1027223117&_v=j77&z=1438404870&slf_rd=1&random=1741105323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 301138380635916 Show response
connect.facebook.net/signals/config/ 301 KB
72 KB 135ms
135ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/301138380635916?v=2.9.1&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

c18c9be51efdb3e5f5fef1895a1be6f391161329929652aaec618640b53c8c87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: wMdGXl/emOIyYj40LhRwZDNzF6jeRM+dX7GjJQ0sw2mglgwoyZOs3mXDCWaN4B/aHyPbwbVXvCsYyiIampO58g==
x-fb-trip-id: 2000377899
date: Thu, 18 Jul 2019 21:03:51 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 glyphicons.png
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing24/images/glyphicons/ 22 KB
22 KB 82ms
82ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing24/images/glyphicons/glyphicons.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

a38b09fb564502550e63d10f8d572fd94e26821637747981eac784392c7305d2

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/css/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 22071
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "56c1-5774e998fe057-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 glyphicons-halflings-regular.woff2
www.esmeraldavoyance.com/assets/uicommon/css/libs/bootstrap/fonts/ 18 KB
18 KB 35ms
35ms Font
text/plain 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/css/libs/bootstrap/fonts/glyphicons-halflings-regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.esmeraldavoyance.com/assets/uicommon/css/libs/bootstrap/3.3.7/bootstrap.min.css
Origin: https://www.esmeraldavoyance.com

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 18015
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:29 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "466c-5774e997887ae-br"
vary: Accept-Encoding
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET pixel
tr.outbrain.com/ 0
0

GET pixel
amplifypixel.outbrain.com/ 0
0

GET unip
trc.taboola.com/1200459/log/3/ 0
0

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
897 B 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: rAohLGNYS68YtHdrpMzoyhLgCJ0jEJETtdniVgKSuXlolaah44gqaEWncXWokROaThoMPsU8kSf+jPEN4jMOpw==
x-fb-trip-id: 2000377899
date: Thu, 18 Jul 2019 21:03:51 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1886449495&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Flanding_page%2F29&dp=%2Flanding_page%2F29&ul=en-us&de=UTF-8&dt=Votre...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1576160835&_gid=1707326285.1563483831&gjid=487819226&_v=j77&z=991936742
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1576160835&_v=j77&z=991936742
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1576160835&_v=j77&z=991936742&slf_rd=1&random=211245070

42 B
109 B

42ms
42ms

Image
image/gif

2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1576160835&_v=j77&z=991936742&slf_rd=1&random=211245070

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2019 21:03:51 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jul 2019 21:03:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=1047115626.1563483831&jid=1576160835&_v=j77&z=991936742&slf_rd=1&random=211245070
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
282 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301138380635916&ev=PageView&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Fhaof29%2Furl_id%2F8887%2Ffile_id%2F13185%2Faffiliate_id%2F2517%2Foffer_id%2F412%2Fsource_id%2F1001%2Faff_sub1%2FBE%2Fadvertiser_id%2F21%2Ftrans_id%2F10219b0d9f0b4251ae2964f2aa432f%2Fparams%2F&rl=&if=false&ts=1563483831368&sw=1600&sh=1200&v=2.9.1&r=stable&ec=0&o=30&fbp=fb.1.1563483831367.922506802&it=1563483831119&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Thu, 18 Jul 2019 21:03:51 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
202 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301138380635916&ev=ViewContent&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Fhaof29%2Furl_id%2F8887%2Ffile_id%2F13185%2Faffiliate_id%2F2517%2Foffer_id%2F412%2Fsource_id%2F1001%2Faff_sub1%2FBE%2Fadvertiser_id%2F21%2Ftrans_id%2F10219b0d9f0b4251ae2964f2aa432f%2Fparams%2F&rl=&if=false&ts=1563483831370&sw=1600&sh=1200&v=2.9.1&r=stable&ec=1&o=30&fbp=fb.1.1563483831367.922506802&it=1563483831119&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Thu, 18 Jul 2019 21:03:51 GMT

GET
H2 200 QG99591G Show response
an.pwspace.com/ 50 B
271 B 3180ms
68ms Script
text/plain 104.155.63.91
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.pwspace.com/QG99591G?si=e45e4685-7174-411c-825f-9cd899f422c1&pai=b4147b9f-cba0-446e-8d85-98685b32840b&pstuid=d3593dd7-9cb1-45ac-8ec9-306763add088&fpu=aHR0cHMlM0ElMkYlMkZ3d3cuZXNtZXJhbGRhdm95YW5jZS5jb20lMkZoYW9mMjklMkZ1cmxfaWQlMkY4ODg3JTJGZmlsZV9pZCUyRjEzMTg1JTJGYWZmaWxpYXRlX2lkJTJGMjUxNyUyRm9mZmVyX2lkJTJGNDEyJTJGc291cmNlX2lkJTJGMTAwMSUyRmFmZl9zdWIxJTJGQkUlMkZhZHZlcnRpc2VyX2lkJTJGMjElMkZ0cmFuc19pZCUyRjEwMjE5YjBkOWYwYjQyNTFhZTI5NjRmMmFhNDMyZiUyRnBhcmFtcyUyRg==&callback=__pwcb

Requested by

Host: cdn.powerspace.com
URL: https://cdn.powerspace.com/bt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.155.63.91 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

91.63.155.104.bc.googleusercontent.com

Software

nginx/1.15.9 /

Resource Hash

dd082c689977d9e3016513f6161766858c1524a4dd401558debdbeaa86d35eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 18 Jul 2019 21:03:55 GMT
server: nginx/1.15.9
content-length: 50
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301138380635916&ev=Microdata&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Fhaof29%2Furl_id%2F8887%2Ffile_id%2F13185%2Faffiliate_id%2F2517%2Foffer_id%2F412%2Fsource_id%2F1001%2Faff_sub1%2FBE%2Fadvertiser_id%2F21%2Ftrans_id%2F10219b0d9f0b4251ae2964f2aa432f%2Fparams%2F&rl=&if=false&ts=1563483832872&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Votre%20horoscope%202019%20est%20d%C3%A9j%C3%A0%20pr%C3%AAt%2C%20il%20est%20stup%C3%A9fiant%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.1&r=stable&ec=2&o=30&fbp=fb.1.1563483832871.1356156566&it=1563483831119&coo=false&es=automatic&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/10219b0d9f0b4251ae2964f2aa432f/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 18 Jul 2019 21:03:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Thu, 18 Jul 2019 21:03:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tr.outbrain.com
URL: https://tr.outbrain.com/pixel?marketerId=000554f01d2de2091075e0e4f47da6dd89&obApiVersion=1.0.11&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Fhaof29%2Furl_id%2F8887%2Ffile_id%2F13185%2Faffiliate_id%2F2517%2Foffer_id%2F412%2Fsource_id%2F1001%2Faff_sub1%2FBE%2Fadvertiser_id%2F21%2Ftrans_id%2F10219b0d9f0b4251ae2964f2aa432f%2Fparams%2F&optOut=false&bust=06713728292763761

Domain: amplifypixel.outbrain.com
URL: https://amplifypixel.outbrain.com/pixel?mid=000554f01d2de2091075e0e4f47da6dd89&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Fhaof29%2Furl_id%2F8887%2Ffile_id%2F13185%2Faffiliate_id%2F2517%2Foffer_id%2F412%2Fsource_id%2F1001%2Faff_sub1%2FBE%2Fadvertiser_id%2F21%2Ftrans_id%2F10219b0d9f0b4251ae2964f2aa432f%2Fparams%2F&bust=063944621913155

Domain: trc.taboola.com
URL: https://trc.taboola.com/1200459/log/3/unip?en=page_view&tim=1563483831270&ref=N%2FA

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Duplicate Pixel ID: 301138380635916.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliate.lightyroad.com
amplify.outbrain.com
amplifypixel.outbrain.com
an.pwspace.com
cdn.powerspace.com
cdn.taboola.com
connect.facebook.net
fonts.googleapis.com
haof.hoeontrack.com
stats.g.doubleclick.net
tr.outbrain.com
trc.taboola.com
trycars.net
www.esmeraldavoyance.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
amplifypixel.outbrain.com
tr.outbrain.com
trc.taboola.com
104.155.63.91
151.101.14.2
163.172.143.73
18.203.122.48
2.18.234.190
2a00:1450:4001:806::200e
2a00:1450:4001:809::200a
2a00:1450:4001:814::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:81f::2008
2a00:1450:400c:c02::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.50.109.222
52.85.183.245
71.6.220.98
0586ebb46e2f7e38bcef3fe9f5f951639ec5ed0d105bdeed193597922f14672e
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0a95b7f6a206f86b8e254fc766d436bdb967fa82fd6a527e250c63c49566b630
0d0a0fee06c8ac1a9dcf88e4cb8d7046ae9045355c9b21e59908b14197cca545
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12d2f68ea70f609647cb315795a89ecae4ff16408c7da6fb6d91248a1a315cb0
18d1737785b22974e393ce2c06bd072431b035d71018f819f455c8e09173beaf
1c7927b3b67ac0b96d279dcc9b830963f7d3a16ab0b1cc02f346f5df0dac0ceb
4394f076c1adf478bab8407bcf73e968fcbc5adc08d07848970679f70c150a91
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5f66f8b3be1c1e37b7a7b3b52872687c3a55ae6a6e18143107aa0d6f1ca0ea32
7069ff506334126be902504a7df020cc18779728360181af27ae226e57a730a5
7090005d203e5e17807ca94e1992fd57076443c8a0aad133803acdc40a1a13ed
7c97960ad1272b6be0b3c9318231f449668272a5af8e5ab5169ca1bb5e324ad5
7fe34a15f91c139fcfd72b0432bdf9dee4db568663171844326c66e1779d9a05
800c885177b1235a5ec38acdf99661c7dcb6b24a78caec2d9fe799ffcef31349
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a6c0dc77bd6b1522523d7994844c074ecc808dfa0bb7eb248b1ccf2e1587af
83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1
a38b09fb564502550e63d10f8d572fd94e26821637747981eac784392c7305d2
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
b3984a514f7c72a70c5074b8bebb588a7eaf423067c52dbe791e29f13b91a4a1
b7c3f9fa7fa7abdb345f9ace16440177843691936c7ec3c576f2ebed491cbf5d
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c18c9be51efdb3e5f5fef1895a1be6f391161329929652aaec618640b53c8c87
c7b8a4a350a089a72929b19cbee1fc216c89cb8784bca9a813012d7a2504936f
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
db04a49b93b18d92b102b50dff25ecb06f6aedd156f442bb8d4dc9f2e3a66a34
dd082c689977d9e3016513f6161766858c1524a4dd401558debdbeaa86d35eb2
e54a575349b428fb429b2f18b2ede43e040e09c1bfb01921d2703274abd7de15
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a1ddf893ef3f5ecf7416ec4fed40f5c8b4aaf673971ad1d29a54c2eac9c58c
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7d993c1620f97ae46890ae2d3323060aa24f51ad56f951cf747bfde986bfef0
fb53823e4451c70fbbb0001b822f8421b83296579380ccf1dedb5e776428e3ee
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.esmeraldavoyance.com Open in urlscan Pro 163.172.143.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

93 %HTTPS

50 %IPv6

16 Domains

19 Subdomains

12 IPs

6 Countries

452 kBTransfer

1124 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.esmeraldavoyance.com Open in urlscan Pro
163.172.143.73 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

93 %
HTTPS

50 %
IPv6

16
Domains

19
Subdomains

12
IPs

6
Countries

452 kB
Transfer

1124 kB
Size

0
Cookies

41 HTTP transactions
1 data transactions