www.esmeraldavoyance.com Open in urlscan Pro
163.172.143.73 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trycars.net/?NzQ3NzYyMjc9MjQyNTQmMjI0MzEzMz0zODImMzc9Y2xpY2smaHQwa2ZkPTgmbGlkPTE1NjQx
Effective URL:
https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/adver...
Submission: On July 05 via api (July 5th 2019, 11:10:23 am UTC) from BE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 16 domains to perform 41 HTTP transactions. The main IP is 163.172.143.73, located in France and belongs to AS12876, FR. The main domain is www.esmeraldavoyance.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 9th 2019. Valid for: 3 months.

This is the only time www.esmeraldavoyance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	71.6.220.98 71.6.220.98	10439 (CARINET) (CARINET - CariNet)
1 1	54.72.199.154 54.72.199.154	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	52.49.98.48 52.49.98.48	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
21	163.172.143.73 163.172.143.73	12876 (AS12876) (AS12876)
1	2a00:1450:400... 2a00:1450:4001:81b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1	54.230.202.234 54.230.202.234	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	70.42.32.51 70.42.32.51	22075 (AS-OUTBRAIN) (AS-OUTBRAIN - Outbrain)
41	12

1 71.6.220.98 (San Diego, United States) 1 redirects

ASN10439 (CARINET - CariNet, Inc., US)
PTR: trycars.net

trycars.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.199.154 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-199-154.eu-west-1.compute.amazonaws.com

affiliate.lightyroad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.98.48 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-98-48.eu-west-1.compute.amazonaws.com

haof.hoeontrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 163.172.143.73 (France)

ASN12876 (AS12876, FR)
PTR: aff01.esmfr.newlotusweb.net

www.esmeraldavoyance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:819::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.202.234 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-202-234.fra50.r.cloudfront.net

cdn.powerspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.51 (United States)

ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	esmeraldavoyance.com www.esmeraldavoyance.com	287 KB
4	google-analytics.com 1 redirects www.google-analytics.com	19 KB
3	facebook.com www.facebook.com	594 B
3	outbrain.com amplify.outbrain.com tr.outbrain.com amplifypixel.outbrain.com	3 KB
3	facebook.net connect.facebook.net	78 KB
2	google.de www.google.de	218 B
2	google.com 2 redirects www.google.com	383 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	320 B
1	googleapis.com fonts.googleapis.com	526 B
1	powerspace.com cdn.powerspace.com	2 KB
1	taboola.com cdn.taboola.com trc.taboola.com Failed	12 KB
1	googletagmanager.com www.googletagmanager.com	32 KB
1	hoeontrack.com 1 redirects haof.hoeontrack.com	2 KB
1	lightyroad.com 1 redirects affiliate.lightyroad.com	2 KB
1	trycars.net 1 redirects trycars.net	393 B
0	pwspace.com Failed an.pwspace.com Failed
41	16

	Domain	Requested by
21	www.esmeraldavoyance.com	www.esmeraldavoyance.com
4	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com www.esmeraldavoyance.com
3	www.facebook.com	www.esmeraldavoyance.com
3	connect.facebook.net	www.esmeraldavoyance.com connect.facebook.net
2	www.google.de	www.esmeraldavoyance.com
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
1	amplifypixel.outbrain.com	www.esmeraldavoyance.com
1	tr.outbrain.com	www.esmeraldavoyance.com
1	fonts.googleapis.com	www.esmeraldavoyance.com
1	cdn.powerspace.com	www.esmeraldavoyance.com
1	cdn.taboola.com	www.esmeraldavoyance.com
1	amplify.outbrain.com	www.esmeraldavoyance.com
1	www.googletagmanager.com	www.esmeraldavoyance.com
1	haof.hoeontrack.com	1 redirects
1	affiliate.lightyroad.com	1 redirects
1	trycars.net	1 redirects
0	trc.taboola.com Failed	cdn.taboola.com
0	an.pwspace.com Failed	cdn.powerspace.com
41	19

This site contains no links.

Subject Issuer	Validity	Valid
esmeraldavoyance.com Let's Encrypt Authority X3	`2019-06-09` - `2019-09-07`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-03-14`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-01` - `2019-09-07`	5 months	crt.sh
cdn.powerspace.com Amazon	`2019-01-15` - `2020-02-15`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
Frame ID: 6B5499131EDA7C1EB2443E859C1E5463
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://trycars.net/?NzQ3NzYyMjc9MjQyNTQmMjI0MzEzMz0zODImMzc9Y2xpY2smaHQwa2ZkPTgmbGlkPTE1NjQx HTTP 302
http://affiliate.lightyroad.com/aff_c?offer_id=2384&aff_id=1001&aff_sub2=382_64.44.136.105_37_82.102.19.198&... HTTP 302
https://haof.hoeontrack.com/aff_c?offer_id=412&aff_id=2517&url_id=8887&file_id=13185&source=1001&aff_sub... HTTP 302
https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/10... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

41
Requests

95 %
HTTPS

50 %
IPv6

16
Domains

19
Subdomains

12
IPs

6
Countries

433 kB
Transfer

1017 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trycars.net/?NzQ3NzYyMjc9MjQyNTQmMjI0MzEzMz0zODImMzc9Y2xpY2smaHQwa2ZkPTgmbGlkPTE1NjQx HTTP 302
http://affiliate.lightyroad.com/aff_c?offer_id=2384&aff_id=1001&aff_sub2=382_64.44.136.105_37_82.102.19.198&aff_sub3=74776227_2243133_15641 HTTP 302
https://haof.hoeontrack.com/aff_c?offer_id=412&aff_id=2517&url_id=8887&file_id=13185&source=1001&aff_sub=BE&sub2=102a690ca5775ae9c4eb8423bc8a83&sub3=0&sub4=0 HTTP 302
https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-74205254-9&cid=552881755.1562324994&jid=677424687&gjid=1732799197&_gid=331697404.1562324994&_u=aGBAgEAL~&z=1688590678 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=552881755.1562324994&jid=677424687&_v=j77&z=1688590678 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=552881755.1562324994&jid=677424687&_v=j77&z=1688590678&slf_rd=1&random=3931944073

Request Chain 35

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=540732710&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Flanding_page%2F29&dp=%2Flanding_page%2F29&ul=en-us&de=UTF-8&dt=Votre%20horoscope%202019%20est%20d%C3%A9j%C3%A0%20pr%C3%AAt%2C%20il%20est%20stup%C3%A9fiant&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&cn=Affiliation%3A%20Affiliate%202517%2C%20Offer%20412%2C%20Source%201001&cs=Affiliation%3A%20Source%201001&cm=affiliate&cc=Affiliation%3A%20File%2013185&ec=Landing%20Page&ea=Funnel&el=Step1&_u=aGDAAEAL~&jid=1397868527&gjid=1238970114&cid=552881755.1562324994&tid=UA-74205254-9&_gid=331697404.1562324994&_r=1&gtm=2wg6k2P9W78J7&cd2=New%20Visitor&cd3=8887&cd4=1001&cd5=13185&cd6=2517&cd7=412&cd8=102c9e49127e39abcbe270211c3057&cd9=21&cd11=BE&cd19=29&z=697012277 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-74205254-9&cid=552881755.1562324994&jid=1397868527&_gid=331697404.1562324994&gjid=1238970114&_v=j77&z=697012277 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=552881755.1562324994&jid=1397868527&_v=j77&z=697012277 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=552881755.1562324994&jid=1397868527&_v=j77&z=697012277&slf_rd=1&random=1950043662

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
Redirect Chain

http://trycars.net/?NzQ3NzYyMjc9MjQyNTQmMjI0MzEzMz0zODImMzc9Y2xpY2smaHQwa2ZkPTgmbGlkPTE1NjQx
http://affiliate.lightyroad.com/aff_c?offer_id=2384&aff_id=1001&aff_sub2=382_64.44.136.105_37_82.102.19.198&aff_sub3=74776227_2243133_15641
https://haof.hoeontrack.com/aff_c?offer_id=412&aff_id=2517&url_id=8887&file_id=13185&source=1001&aff_sub=BE&sub2=102a690ca5775ae9c4eb8423bc8a83&sub3=0&sub4=0
https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/

45 KB
13 KB

726ms
82ms

Document
text/html

163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

149a879e4e70a7bbcd590609cd66727302c327b40c3f11851601dfdc5e063385

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.esmeraldavoyance.com
:scheme: https
:path: /haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 05 Jul 2019 11:09:53 GMT
server: esm-fr-WEB
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000;
set-cookie: oraculumsession=YTo1OntzOjEwOiJzZXNzaW9uX2lkIjtzOjMyOiIyMDg4YzI2YjQ0ODZkNzIzZDY0NjE3ZjZkOTFjN2IyMSI7czoxMDoiaXBfYWRkcmVzcyI7czoxMzoiODIuMTAyLjE5LjE5OCI7czoxMDoidXNlcl9hZ2VudCI7czo1MDoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXAiO3M6MTM6Imxhc3RfYWN0aXZpdHkiO2k6MTU2MjMxNzc5MztzOjk6InVzZXJfZGF0YSI7czowOiIiO30%3D16e95e00aef90fad1639731f0f93a76a; expires=Fri, 05-Jul-2019 13:09:53 GMT; Max-Age=7200; path=/; domain=.esmeraldavoyance.com; secure; HttpOnly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
referrer-policy: no-referrer-when-downgrade
x-permitted-cross-domain-policies: none
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 05 Jul 2019 11:09:53 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
P3P: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx/1.13.12
Set-Cookie: aff_ran_url_412=8887; expires=Sat, 06 Jul 2019 11:09:53 GMT; path=/; enc_aff_session_412=ENC032d236e1c8a9a586d6f915326b80e98072d9be0a9349efd583c003798420100454bc68a2cf00f8eed84c022c38b4a71f6e2c3b967e146362010ff17a52114aa053eacf25d8b970a8f11e9738bbd8dfb9849f71b822d2f332d40f18da868cf94428ce13dd8490c8ed1be89415078aa5ad8d53e2a91ce9d81aa84465739bde7eb15990fe5f80da339a9526babf0f179f55df6ca57a04ec276ea082696aa5cd23c583a9812ca; expires=Mon, 05 Aug 2019 11:09:53 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Sun, 29 May 2022 21:49:53 GMT; path=/;
tracking_id: 102c9e49127e39abcbe270211c3057
X-Robots-Tag: noindex, nofollow
Content-Length: 372
Connection: keep-alive

GET
H2 200 esmeralda_speak.gif
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing24/images/ 24 KB
24 KB 123ms
122ms Image
image/gif 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing24/images/esmeralda_speak.gif

Requested by

Host: www.esmeraldavoyance.com
URL: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

0d0a0fee06c8ac1a9dcf88e4cb8d7046ae9045355c9b21e59908b14197cca545

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 24025
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "5e9c-5774e998fb947-br"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 next_button.png
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/ 2 KB
2 KB 63ms
62ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/next_button.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

5f66f8b3be1c1e37b7a7b3b52872687c3a55ae6a6e18143107aa0d6f1ca0ea32

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 2481
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "9ce-5774e998f6b26-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 send-me_2.png
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/ 4 KB
4 KB 119ms
118ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/send-me_2.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

12d2f68ea70f609647cb315795a89ecae4ff16408c7da6fb6d91248a1a315cb0

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 4032
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "fbc-5774e998f6b26-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 slide_1.png
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/slide/ 11 KB
11 KB 75ms
75ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/slide/slide_1.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

7fe34a15f91c139fcfd72b0432bdf9dee4db568663171844326c66e1779d9a05

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 11122
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "2c12-5774e998f6b26-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 slide_2.png
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/slide/ 11 KB
11 KB 75ms
75ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/slide/slide_2.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

e54a575349b428fb429b2f18b2ede43e040e09c1bfb01921d2703274abd7de15

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 11605
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "2dc4-5774e998f6b26-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 slide_3.png
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/slide/ 12 KB
12 KB 120ms
119ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing21/images/fr-esm/slide/slide_3.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

800c885177b1235a5ec38acdf99661c7dcb6b24a78caec2d9fe799ffcef31349

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 12321
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "3092-5774e998f6b26-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 bootstrap.min.css
www.esmeraldavoyance.com/assets/uicommon/css/libs/bootstrap/3.3.7/ 118 KB
18 KB 122ms
122ms Stylesheet
text/css 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/css/libs/bootstrap/3.3.7/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 18167
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:29 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "1d970-5774e997887ae-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 style.min.css
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/css/ 5 KB
2 KB 62ms
61ms Stylesheet
text/css 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/css/style.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

83a6c0dc77bd6b1522523d7994844c074ecc808dfa0bb7eb248b1ccf2e1587af

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 1611
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "1594-5774e99905587-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 main.min.css
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/css/ 2 KB
750 B 62ms
62ms Stylesheet
text/css 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/css/main.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

4394f076c1adf478bab8407bcf73e968fcbc5adc08d07848970679f70c150a91

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 689
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "907-5774e99905587-br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/js/libs/jquery/1.9.1/ 90 KB
31 KB 120ms
119ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/js/libs/jquery/1.9.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 31771
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "169d5-5774e9983d25a-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
32 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:81b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P9W78J7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

446444822f1c20333692b80dbe388970efd3fd60f9e4d777385f13e912dd317e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
last-modified: Fri, 05 Jul 2019 09:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 32307
x-xss-protection: 0
expires: Fri, 05 Jul 2019 11:09:54 GMT

GET
DATA 200
OK truncated
/ 106 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7069ff506334126be902504a7df020cc18779728360181af27ae226e57a730a5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 background.jpg
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/images/ 45 KB
41 KB 98ms
98ms Image
image/jpeg 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/images/background.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

f2a1ddf893ef3f5ecf7416ec4fed40f5c8b4aaf673971ad1d29a54c2eac9c58c

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 41828
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "b3da-5774e99905587-br"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 sprite.png
www.esmeraldavoyance.com/assets/uicommon/images/zodiac/theme10/ 59 KB
60 KB 98ms
98ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/images/zodiac/theme10/sprite.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

7c97960ad1272b6be0b3c9318231f449668272a5af8e5ab5169ca1bb5e324ad5

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 60844
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "eda8-5774e998299d9-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9W78J7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 21:35:04 GMT
server: Golfe2
age: 1366
date: Fri, 05 Jul 2019 10:47:08 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17707
expires: Fri, 05 Jul 2019 12:47:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
17 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16120
x-xss-protection: 0
pragma: public
x-fb-debug: Cj0aa/HFyKG5WPbLck36JZf55R4yQGGm5T77DC+cBc2K0LA5a7vAwy+rjFag81ONjO6dA1NFqkhVi7Lu6Cf6Fg==
x-fb-trip-id: 997090344
date: Fri, 05 Jul 2019 11:09:54 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 5 KB
3 KB 162ms
66ms Script
application/x-javascript 2.18.234.190
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.esmeraldavoyance.com
URL: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1c7927b3b67ac0b96d279dcc9b830963f7d3a16ab0b1cc02f346f5df0dac0ceb

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 05 Jul 2019 11:09:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 May 2019 14:54:26 GMT
Server: Apache
ETag: "0eec214150d4f41d2863fa9dce77081d:1557240866"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2230
Expires: Fri, 05 Jul 2019 11:29:54 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1200459/ 34 KB
12 KB 7287ms
31ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1200459/tfa.js
Requested by: Host: www.esmeraldavoyance.com
URL: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bdda815541113740d0ff2e020e8d29414e82d43dcb92fe46bb46583f6ee1938

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: nBvJ4PUcq3jHMOYsoK_ViTHGDsE779AW
content-encoding: gzip
age: 89
x-cache: HIT
status: 200
date: Fri, 05 Jul 2019 11:10:01 GMT
x-amz-replication-status: PENDING
content-length: 11400
x-amz-id-2: woiAhL/eVPEx4dijXquDpcrCXfZK0TeDpoBzG0W/bLm3baoiByY+NJMF2tq562Yro7Y0ITp22/s=
x-served-by: cache-hhn4045-HHN
last-modified: Mon, 01 Jul 2019 08:07:54 GMT
server: AmazonS3
x-timer: S1562325001.317067,VS0,VE1
etag: "466459543e9da5717b3b978a1bc4b380"
vary: Accept-Encoding
x-amz-request-id: C2CFE8C54A3B7756
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 67
x-cache-hits: 1

GET
H/1.1 200
OK bt.js Show response
cdn.powerspace.com/ 3 KB
2 KB 7288ms
37ms Script
application/javascript 54.230.202.234
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.powerspace.com/bt.js
Requested by: Host: www.esmeraldavoyance.com
URL: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.202.234 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-202-234.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18d1737785b22974e393ce2c06bd072431b035d71018f819f455c8e09173beaf

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 05 May 2019 01:10:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Mar 2019 10:51:15 GMT
Server: AmazonS3
Age: 85442
Vary: Accept-Encoding
x-amz-meta-version: 2.4.2
Content-Type: application/javascript
Via: 1.1 7922e01ab53e8f36477272573223ab35.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: EIk4oxk_pI8LlK23R0L1hv-PYxVQ8StMTURSD65yG7JuMu8H0_qerw==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
526 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

c7b8a4a350a089a72929b19cbee1fc216c89cb8784bca9a813012d7a2504936f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 05 Jul 2019 11:09:54 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 05 Jul 2019 11:09:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Fri, 05 Jul 2019 11:09:54 GMT

GET
H2 200 steps_manager.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/js/ 5 KB
2 KB 134ms
133ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/js/steps_manager.min.js?v=1.0.55

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

b7c3f9fa7fa7abdb345f9ace16440177843691936c7ec3c576f2ebed491cbf5d

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 1576
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Nov 2018 09:29:54 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "14b6-57b3d826b768c-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 bootstrap.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/js/libs/bootstrap/3.3.7/ 36 KB
9 KB 134ms
133ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/js/libs/bootstrap/3.3.7/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 9522
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "90b5-5774e99830f09-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 mailcheck.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/js/libs/jquery/plugins/mailcheck/1.1/ 2 KB
970 B 134ms
133ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/js/libs/jquery/plugins/mailcheck/1.1/mailcheck.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

7090005d203e5e17807ca94e1992fd57076443c8a0aad133803acdc40a1a13ed

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 909
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "8f9-5774e9983f96a-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 lib.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/js/libs/internal/ 4 KB
2 KB 133ms
133ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/js/libs/internal/lib.min.js?v=1.0.55

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

b3984a514f7c72a70c5074b8bebb588a7eaf423067c52dbe791e29f13b91a4a1

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 1500
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "edc-5774e9983ab4a-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 form_validation.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/js/libs/internal/ 8 KB
1 KB 134ms
134ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/js/libs/internal/form_validation.min.js?v=1.0.55

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

0a95b7f6a206f86b8e254fc766d436bdb967fa82fd6a527e250c63c49566b630

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 1148
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "1e7a-5774e9983ab4a-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 respond.min.js Show response
www.esmeraldavoyance.com/assets/uicommon/js/libs/respond/1.4.2/ 4 KB
2 KB 133ms
133ms Script
application/javascript 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/js/libs/respond/1.4.2/respond.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 1972
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:30 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "1119-5774e9984207a-br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 10:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 2541
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1296
x-xss-protection: 0
expires: Fri, 05 Jul 2019 11:27:33 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j77&a=540732710&t=pageview&_s=1&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Flanding_page%2F29&dp=%2Flanding_page%2F29&ul=en-us&de=UTF-8&dt=Votre%20horoscope%202019%20est%20d%C3%A9j%C3%A0%20pr%C3%AAt%2C%20il%20est%20stup%C3%A9fiant&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&cn=Affiliation%3A%20Affiliate%202517%2C%20Offer%20412%2C%20Source%201001&cs=Affiliation%3A%20Source%201001&cm=affiliate&cc=Affiliation%3A%20File%2013185&_u=aGBAgEAL~&jid=677424687&gjid=1732799197&cid=552881755.1562324994&tid=UA-74205254-9&_gid=331697404.1562324994&gtm=2wg6k2P9W78J7&cd2=New%20Visitor&cd3=8887&cd4=1001&cd5=13185&cd6=2517&cd7=412&cd8=102c9e49127e39abcbe270211c3057&cd9=21&cd11=BE&cd19=29&z=305239837

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jun 2019 00:00:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1854591
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-74205254-9&cid=552881755.1562324994&jid=677424687&gjid=1732799197&_gid=331697404.1562324994&_u=aGBAgEAL~&z=1688590678
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=552881755.1562324994&jid=677424687&_v=j77&z=1688590678
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=552881755.1562324994&jid=677424687&_v=j77&z=1688590678&slf_rd=1&random=3931944073

42 B
109 B

68ms
67ms

Image
image/gif

2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=552881755.1562324994&jid=677424687&_v=j77&z=1688590678&slf_rd=1&random=3931944073

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jul 2019 11:09:54 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Jul 2019 11:09:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=552881755.1562324994&jid=677424687&_v=j77&z=1688590678&slf_rd=1&random=3931944073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 301138380635916 Show response
connect.facebook.net/signals/config/ 229 KB
61 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/301138380635916?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8116d47ac2a7cb15c7e6b97aa8d891f0bcc665c8514ca674c439aba27d78f0a6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 61476
x-xss-protection: 0
pragma: public
x-fb-debug: ubHjHrKdxVT2/bFsNI3F5A5n0aPrMzOM8Rp97H1AQH56UOTBCVywuXST9nS0orKjuSE5bYunS3UxkrZToyajkA==
x-fb-trip-id: 997090344
date: Fri, 05 Jul 2019 11:09:54 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
898 B 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: St6rwwSwDG254fCQX2mPMRu6DgmJ1dipXQ6E8HLfTnncEMUVrt2XZ7xNH4edLpVKF9XxECdImdt02OLItS+UnQ==
x-fb-trip-id: 997090344
date: Fri, 05 Jul 2019 11:09:54 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301138380635916&ev=PageView&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Fhaof29%2Furl_id%2F8887%2Ffile_id%2F13185%2Faffiliate_id%2F2517%2Foffer_id%2F412%2Fsource_id%2F1001%2Faff_sub1%2FBE%2Fadvertiser_id%2F21%2Ftrans_id%2F102c9e49127e39abcbe270211c3057%2Fparams%2F&rl=&if=false&ts=1562324994115&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1562324994114.319367232&it=1562324994077&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 05 Jul 2019 11:09:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
201 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301138380635916&ev=ViewContent&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Fhaof29%2Furl_id%2F8887%2Ffile_id%2F13185%2Faffiliate_id%2F2517%2Foffer_id%2F412%2Fsource_id%2F1001%2Faff_sub1%2FBE%2Fadvertiser_id%2F21%2Ftrans_id%2F102c9e49127e39abcbe270211c3057%2Fparams%2F&rl=&if=false&ts=1562324994118&sw=1600&sh=1200&v=2.8.51&r=stable&ec=1&o=30&fbp=fb.1.1562324994114.319367232&it=1562324994077&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 05 Jul 2019 11:09:54 GMT

GET
H2 200 glyphicons.png
www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing24/images/glyphicons/ 22 KB
22 KB 57ms
57ms Image
image/png 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing24/images/glyphicons/glyphicons.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

a38b09fb564502550e63d10f8d572fd94e26821637747981eac784392c7305d2

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.esmeraldavoyance.com/assets/uicommon/landing/esmeralda/landing29/css/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 22071
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:31 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "56c1-5774e998fe057-br"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2 200 glyphicons-halflings-regular.woff2
www.esmeraldavoyance.com/assets/uicommon/css/libs/bootstrap/fonts/ 18 KB
18 KB 52ms
51ms Font
text/plain 163.172.143.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://www.esmeraldavoyance.com/assets/uicommon/css/libs/bootstrap/fonts/glyphicons-halflings-regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.172.143.73 , France, ASN12876 (AS12876, FR),

Reverse DNS

aff01.esmfr.newlotusweb.net

Software

esm-fr-WEB /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.esmeraldavoyance.com/assets/uicommon/css/libs/bootstrap/3.3.7/bootstrap.min.css
Origin: https://www.esmeraldavoyance.com

Response headers

date: Fri, 05 Jul 2019 11:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000;
content-length: 18015
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Oct 2018 08:12:29 GMT
server: esm-fr-WEB
x-frame-options: SAMEORIGIN
etag: "466c-5774e997887ae-br"
vary: Accept-Encoding
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
content-security-policy: default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
accept-ranges: bytes

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=540732710&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Flanding_page%2F29&dp=%2Flanding_page%2F29&ul=en-us&de=UTF-8&dt=Votre%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-74205254-9&cid=552881755.1562324994&jid=1397868527&_gid=331697404.1562324994&gjid=1238970114&_v=j77&z=697012277
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=552881755.1562324994&jid=1397868527&_v=j77&z=697012277
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=552881755.1562324994&jid=1397868527&_v=j77&z=697012277&slf_rd=1&random=1950043662

42 B
109 B

22ms
22ms

Image
image/gif

2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=552881755.1562324994&jid=1397868527&_v=j77&z=697012277&slf_rd=1&random=1950043662

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jul 2019 11:09:54 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Jul 2019 11:09:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74205254-9&cid=552881755.1562324994&jid=1397868527&_v=j77&z=697012277&slf_rd=1&random=1950043662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
tr.outbrain.com/ 43 B
363 B 477ms
143ms Image
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.outbrain.com/pixel?marketerId=000554f01d2de2091075e0e4f47da6dd89&obApiVersion=1.0.11&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Fhaof29%2Furl_id%2F8887%2Ffile_id%2F13185%2Faffiliate_id%2F2517%2Foffer_id%2F412%2Fsource_id%2F1001%2Faff_sub1%2FBE%2Fadvertiser_id%2F21%2Ftrans_id%2F102c9e49127e39abcbe270211c3057%2Fparams%2F&optOut=false&bust=04008083018765516

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: CHIDC2FGT, MDW, HHN, Europe2
x-cache: MISS, MISS
status: 200
x-traceid: 1279f1edd2137e81f523af30ea210b88
content-length: 60
x-served-by: cache-mdw17360-MDW, cache-hhn4045-HHN
x-timer: S1562324995.585715,VS0,VE109
date: Fri, 05 Jul 2019 11:09:54 GMT
content-type: image/gif;
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
backend-ip: 157.52.75.60
accept-ranges: bytes, bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
314 B 1504ms
121ms Image
image/gif 70.42.32.51
Outbrain

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amplifypixel.outbrain.com/pixel?mid=000554f01d2de2091075e0e4f47da6dd89&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Fhaof29%2Furl_id%2F8887%2Ffile_id%2F13185%2Faffiliate_id%2F2517%2Foffer_id%2F412%2Fsource_id%2F1001%2Faff_sub1%2FBE%2Fadvertiser_id%2F21%2Ftrans_id%2F102c9e49127e39abcbe270211c3057%2Fparams%2F&bust=047550240917843034

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

70.42.32.51 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 05 Jul 2019 11:09:55 GMT
Cache-Control: no-cache
X-TraceId: 46afad46fdd6f0b58de3cdd951fa4cfb
content-encoding: gzip
Content-Length: 60
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;

GET
H2 200 /
www.facebook.com/tr/ 44 B
145 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301138380635916&ev=Microdata&dl=https%3A%2F%2Fwww.esmeraldavoyance.com%2Fhaof29%2Furl_id%2F8887%2Ffile_id%2F13185%2Faffiliate_id%2F2517%2Foffer_id%2F412%2Fsource_id%2F1001%2Faff_sub1%2FBE%2Fadvertiser_id%2F21%2Ftrans_id%2F102c9e49127e39abcbe270211c3057%2Fparams%2F&rl=&if=false&ts=1562324995626&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Votre%20horoscope%202019%20est%20d%C3%A9j%C3%A0%20pr%C3%AAt%2C%20il%20est%20stup%C3%A9fiant%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.51&r=stable&ec=2&o=30&fbp=fb.1.1562324994114.319367232&it=1562324994077&coo=false&es=automatic&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.esmeraldavoyance.com/haof29/url_id/8887/file_id/13185/affiliate_id/2517/offer_id/412/source_id/1001/aff_sub1/BE/advertiser_id/21/trans_id/102c9e49127e39abcbe270211c3057/params/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 05 Jul 2019 11:09:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 05 Jul 2019 11:09:55 GMT

GET QG99591G
an.pwspace.com/ 0
0

GET unip
trc.taboola.com/1200459/log/3/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: an.pwspace.com
URL: https://an.pwspace.com/QG99591G?si=ef8602af-a0d4-4e07-a260-1fa246c335ed&pai=6338e9bc-7f93-42f0-83a6-5c8919a8286d&pstuid=d9f361a6-7865-4cd1-8c8f-2863dd3af862&fpu=aHR0cHMlM0ElMkYlMkZ3d3cuZXNtZXJhbGRhdm95YW5jZS5jb20lMkZoYW9mMjklMkZ1cmxfaWQlMkY4ODg3JTJGZmlsZV9pZCUyRjEzMTg1JTJGYWZmaWxpYXRlX2lkJTJGMjUxNyUyRm9mZmVyX2lkJTJGNDEyJTJGc291cmNlX2lkJTJGMTAwMSUyRmFmZl9zdWIxJTJGQkUlMkZhZHZlcnRpc2VyX2lkJTJGMjElMkZ0cmFuc19pZCUyRjEwMmM5ZTQ5MTI3ZTM5YWJjYmUyNzAyMTFjMzA1NyUyRnBhcmFtcyUyRg==&callback=__pwcb

Domain: trc.taboola.com
URL: https://trc.taboola.com/1200459/log/3/unip?en=page_view&tim=1562325001382&ref=N%2FA

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.esmeraldavoyance.com/	1970-01-19 01:58:46	Name: __pwpv Value: aHR0cHMlM0ElMkYlMkZhbi5wd3NwYWNlLmNvbSUyRlFHOTk1OTFHJTNGc2klM0RlZjg2MDJhZi1hMGQ0LTRlMDctYTI2MC0xZmEyNDZjMzM1ZWQlMjZwYWklM0Q2MzM4ZTliYy03ZjkzLTQyZjAtODNhNi01Yzg5MTlhODI4NmQlMjZwc3R1aWQlM0RkOWYzNjFhNi03ODY1LTRjZDEtOGM4Zi0yODYzZGQzYWY4NjIlMjZmcHUlM0RhSFIwY0hNbE0wRWxNa1lsTWtaM2QzY3VaWE50WlhKaGJHUmhkbTk1WVc1alpTNWpiMjBsTWtab1lXOW1NamtsTWtaMWNteGZhV1FsTWtZNE9EZzNKVEpHWm1sc1pWOXBaQ1V5UmpFek1UZzFKVEpHWVdabWFXeHBZWFJsWDJsa0pUSkdNalV4TnlVeVJtOW1abVZ5WDJsa0pUSkdOREV5SlRKR2MyOTFjbU5sWDJsa0pUSkdNVEF3TVNVeVJtRm1abDl6ZFdJeEpUSkdRa1VsTWtaaFpIWmxjblJwYzJWeVgybGtKVEpHTWpFbE1rWjBjbUZ1YzE5cFpDVXlSakV3TW1NNVpUUTVNVEkzWlRNNVlXSmpZbVV5TnpBeU1URmpNekExTnlVeVJuQmhjbUZ0Y3lVeVJnJTNEJTNE
			.www.esmeraldavoyance.com/	1970-01-19 01:58:46	Name: pstuid Value: d9f361a6-7865-4cd1-8c8f-2863dd3af862

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 25) Message: [Facebook Pixel] - Duplicate Pixel ID: 301138380635916.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: 'self' blob:; media-src https: data: blob:; font-src https: data:; img-src https: 'self' 'unsafe-inline' data: about:; style-src https: 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors https://*.esmeraldavoyance.com;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliate.lightyroad.com
amplify.outbrain.com
amplifypixel.outbrain.com
an.pwspace.com
cdn.powerspace.com
cdn.taboola.com
connect.facebook.net
fonts.googleapis.com
haof.hoeontrack.com
stats.g.doubleclick.net
tr.outbrain.com
trc.taboola.com
trycars.net
www.esmeraldavoyance.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
an.pwspace.com
trc.taboola.com
151.101.114.2
163.172.143.73
2.18.234.190
2a00:1450:4001:815::2003
2a00:1450:4001:816::2004
2a00:1450:4001:816::200a
2a00:1450:4001:819::200e
2a00:1450:4001:81b::2008
2a00:1450:400c:c07::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.49.98.48
54.230.202.234
54.72.199.154
70.42.32.51
71.6.220.98
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0a95b7f6a206f86b8e254fc766d436bdb967fa82fd6a527e250c63c49566b630
0d0a0fee06c8ac1a9dcf88e4cb8d7046ae9045355c9b21e59908b14197cca545
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12d2f68ea70f609647cb315795a89ecae4ff16408c7da6fb6d91248a1a315cb0
149a879e4e70a7bbcd590609cd66727302c327b40c3f11851601dfdc5e063385
18d1737785b22974e393ce2c06bd072431b035d71018f819f455c8e09173beaf
1c7927b3b67ac0b96d279dcc9b830963f7d3a16ab0b1cc02f346f5df0dac0ceb
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
4394f076c1adf478bab8407bcf73e968fcbc5adc08d07848970679f70c150a91
446444822f1c20333692b80dbe388970efd3fd60f9e4d777385f13e912dd317e
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5f66f8b3be1c1e37b7a7b3b52872687c3a55ae6a6e18143107aa0d6f1ca0ea32
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
6bdda815541113740d0ff2e020e8d29414e82d43dcb92fe46bb46583f6ee1938
7069ff506334126be902504a7df020cc18779728360181af27ae226e57a730a5
7090005d203e5e17807ca94e1992fd57076443c8a0aad133803acdc40a1a13ed
7c97960ad1272b6be0b3c9318231f449668272a5af8e5ab5169ca1bb5e324ad5
7fe34a15f91c139fcfd72b0432bdf9dee4db568663171844326c66e1779d9a05
800c885177b1235a5ec38acdf99661c7dcb6b24a78caec2d9fe799ffcef31349
8116d47ac2a7cb15c7e6b97aa8d891f0bcc665c8514ca674c439aba27d78f0a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a6c0dc77bd6b1522523d7994844c074ecc808dfa0bb7eb248b1ccf2e1587af
83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1
a38b09fb564502550e63d10f8d572fd94e26821637747981eac784392c7305d2
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
b3984a514f7c72a70c5074b8bebb588a7eaf423067c52dbe791e29f13b91a4a1
b7c3f9fa7fa7abdb345f9ace16440177843691936c7ec3c576f2ebed491cbf5d
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c7b8a4a350a089a72929b19cbee1fc216c89cb8784bca9a813012d7a2504936f
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
e54a575349b428fb429b2f18b2ede43e040e09c1bfb01921d2703274abd7de15
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a1ddf893ef3f5ecf7416ec4fed40f5c8b4aaf673971ad1d29a54c2eac9c58c
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.esmeraldavoyance.com Open in urlscan Pro 163.172.143.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

95 %HTTPS

50 %IPv6

16 Domains

19 Subdomains

12 IPs

6 Countries

433 kBTransfer

1017 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.esmeraldavoyance.com Open in urlscan Pro
163.172.143.73 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

95 %
HTTPS

50 %
IPv6

16
Domains

19
Subdomains

12
IPs

6
Countries

433 kB
Transfer

1017 kB
Size

2
Cookies

41 HTTP transactions
1 data transactions