astrotarotreading.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://theroadmaptoaffluence.com/v5rl
Effective URL:
https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Submission: On September 26 via api (September 26th 2022, 1:22:30 pm UTC) from ZA — Scanned from DE

Summary HTTP 68 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 13 domains to perform 68 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is astrotarotreading.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 25th 2022. Valid for: a year.

This is the only time astrotarotreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.254.233.73 192.254.233.73	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 1	44.240.181.170 44.240.181.170	16509 (AMAZON-02) (AMAZON-02)
1 1	35.163.29.19 35.163.29.19	16509 (AMAZON-02) (AMAZON-02)
2 37	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::5f	15169 (GOOGLE) (GOOGLE)
8	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2a69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
68	13

1 192.254.233.73 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-233-73.unifiedlayer.com

theroadmaptoaffluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.181.170 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-181-170.us-west-2.compute.amazonaws.com

hop.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.163.29.19 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-29-19.us-west-2.compute.amazonaws.com

bonusforu-astrotaro.hop.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

trk.astrotarotreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
astrotarotreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::5f (Brussels, Belgium)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

soul-manifestation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2a69 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	astrotarotreading.com 2 redirects trk.astrotarotreading.com astrotarotreading.com	6 MB
8	gstatic.com www.gstatic.com fonts.gstatic.com	415 KB
8	soul-manifestation.com soul-manifestation.com	599 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	23 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 7865 prism.app-us1.com — Cisco Umbrella Rank: 8177	6 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	clickbank.net 2 redirects hop.clickbank.net — Cisco Umbrella Rank: 94104 bonusforu-astrotaro.hop.clickbank.net	977 B
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 7939	289 B
1	google.de www.google.de — Cisco Umbrella Rank: 6352	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	445 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	69 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	3 KB
1	theroadmaptoaffluence.com 1 redirects theroadmaptoaffluence.com	539 B
68	13

	Domain	Requested by
35	astrotarotreading.com	astrotarotreading.com
8	soul-manifestation.com	astrotarotreading.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	astrotarotreading.com www.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	trk.astrotarotreading.com	2 redirects
1	trackcmp.net	diffuser-cdn.app-us1.com
1	www.google.de	astrotarotreading.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	diffuser-cdn.app-us1.com	astrotarotreading.com
1	www.googletagmanager.com	astrotarotreading.com
1	fonts.googleapis.com	astrotarotreading.com
1	bonusforu-astrotaro.hop.clickbank.net	1 redirects
1	hop.clickbank.net	1 redirects
1	theroadmaptoaffluence.com	1 redirects
68	17

This site contains links to these domains. Also see Links.

Domain
trk.astrotarotreading.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-25` - `2023-06-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Frame ID: CBAE17A28A13EC43DDA9E533B4E8E41E
Requests: 61 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEJtEZAAAAALMZMLXiDrUhMompjDvCgJbjedYi&co=aHR0cHM6Ly9hc3Ryb3Rhcm90cmVhZGluZy5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=fygwyxbigyfn
Frame ID: B2233B693E9A950A3D6C852AD18C5C0D
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gift | AstroTarotReading | V8WAIT - Astro Readingcaret-down

Page URL History Show full URLs

https://theroadmaptoaffluence.com/v5rl HTTP 307
http://hop.clickbank.net/?affiliate=bonusforu&vendor=astrotaro HTTP 307
https://bonusforu-astrotaro.hop.clickbank.net/?affiliate=bonusforu&vendor=astrotaro HTTP 307
http://trk.astrotarotreading.com/ij8l?hop=bonusforu HTTP 301
https://trk.astrotarotreading.com/ij8l?hop=bonusforu HTTP 302
https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Oxygen (Page builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^>]*wp-content/plugins/oxygen/
wp-content/plugins/oxygen

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

68
Requests

94 %
HTTPS

80 %
IPv6

13
Domains

17
Subdomains

13
IPs

4
Countries

6793 kB
Transfer

8307 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://trk.astrotarotreading.com/ttk4
Title: Click Here To Continue {FIRSTNAME}

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://theroadmaptoaffluence.com/v5rl HTTP 307
http://hop.clickbank.net/?affiliate=bonusforu&vendor=astrotaro HTTP 307
https://bonusforu-astrotaro.hop.clickbank.net/?affiliate=bonusforu&vendor=astrotaro HTTP 307
http://trk.astrotarotreading.com/ij8l?hop=bonusforu HTTP 301
https://trk.astrotarotreading.com/ij8l?hop=bonusforu HTTP 302
https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
astrotarotreading.com/gift/reading-box008wait-ext/
Redirect Chain

https://theroadmaptoaffluence.com/v5rl
http://hop.clickbank.net/?affiliate=bonusforu&vendor=astrotaro
https://bonusforu-astrotaro.hop.clickbank.net/?affiliate=bonusforu&vendor=astrotaro
http://trk.astrotarotreading.com/ij8l?hop=bonusforu
https://trk.astrotarotreading.com/ij8l?hop=bonusforu
https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

91 KB
18 KB

542ms
525ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

31ed27950d2363efe82fce57a51e0d4567a0a44185ea86ce9ccbf8b9a8cd109a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=15552000, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 750c4edf7eb59a3f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Sep 2022 13:22:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Thu, 19 Nov 2020 16:09:24 GMT
link: <https://astrotarotreading.com/wp-json/>; rel="https://api.w.org/" <https://astrotarotreading.com/wp-json/wp/v2/pages/157879>; rel="alternate"; type="application/json" <https://astrotarotreading.com/?p=157879>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYv3LlH1Hjg6U93zbEPAlnrK%2BVXs0r6ZVHJlT1pR0j2yiZwFcS%2B0aY8nBv8qcxazZGxNbiI%2FIOuqG7%2BtsHy3LWmwXl87lBx9xwEVGV6F2Q8lc9aMVHlZLi1EuQvEXMoJ88Lp5YjWBayVtKBeXg7oxS0G%2BtE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; preload
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 56
x-cache-group: normal
x-cacheable: YES:15552000.000
x-content-type-options: nosniff
x-powered-by: WP Engine

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 750c4edbf8099a3f-FRA
content-length: 0
date: Mon, 26 Sep 2022 13:22:23 GMT
engine: clickmeter.redirect, version 2.0
expires: -1
location: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fewi4megPAOPJQGKxLQIfbZRQ2UeCPrgI9nPStkqUrwFpi0hU87Z%2B5kzb6YKQzF3J5XHBOoPtIvzose5OWHWGLkfc6ooHqDGmS4jT%2BDTgOmJF51LVG%2B27ClRMRQE%2F20%2B859NLrz599ViphA9Afzu1RuDgUvgjjVe"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
x-rate-limit-limit: 20s
x-rate-limit-remaining: 299
x-rate-limit-reset: 2022-09-26T13:22:43.1743980Z

GET
H2 200 ecf.css
astrotarotreading.com/wp-content/uploads/elegant-custom-fonts/ 1 KB
590 B 46ms
43ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/uploads/elegant-custom-fonts/ecf.css?ver=6.0.2

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

092c149a293c773abb7e0174a9c23614eb6e65701fcd1387a1fb617dbc0c1785

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 187095
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 13 Nov 2020 20:11:07 GMT
server: cloudflare
etag: W/"5faee85b-4aa"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEVff7DcLOs2XV6R8OkJgaPeJb6eZP3pJW1OdWKQm6mO7ewobwZrb2Lt3jtCT9S%2FMkMdRB3FyuaBpmRQCgjahItCP6sodN6ymW5VRA8sTRLc3%2B1aci4G1bh0WfUzTiz82hzSWVQXJ7fKNoXNOxPln%2FG%2FUek%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee2cdf19a3f-FRA

GET
H2 200 style.min.css
astrotarotreading.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 47ms
44ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1023959
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
server: cloudflare
etag: W/"62c2d8bd-15b64"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZVTbN2AyshkQ7gvSJaDqwjf9GOyn20iT%2B9VZxXIyEg75YffoiYRWKDEwZ58z7WDHHwm0ttiNckfypn%2FErYpvOjrGHk9XQHkJ92HZqJatbiHkUpEQanvgStfKELCGb%2FkFgtEfbOlIVmpPsXRmW%2FiyXy2Ohs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee2cdf39a3f-FRA

GET
H2 200 style-index.css
astrotarotreading.com/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/ 70 B
382 B 46ms
43ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/style-index.css?ver=1659377369

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 555334
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 01 Aug 2022 18:09:29 GMT
server: cloudflare
etag: W/"62e816d9-46"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7kxAKbdI%2BGc2nSd4r6%2BAJK9E7EG2%2BDIMsOnfTMJUvJ2819bkWix7n35aX7qMOGNWs2OOe0Ax5IfhriFkYICR3rKH7BajOwokI6T8mjkn%2F08bJn592lgj6sEP36qffC%2BQTi8M9SUG9Cx9FOp92oA4rkbRg0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee2cdf69a3f-FRA

GET
H2 200 style-ujicount.css
astrotarotreading.com/wp-content/plugins/uji-countdown/dist/ 4 KB
2 KB 45ms
41ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/plugins/uji-countdown/dist/style-ujicount.css

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fec5719e8cd5a06b7792ecfed30d024889a9148d961810649c092541ff67572c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 555334
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 09 Feb 2022 13:21:40 GMT
server: cloudflare
etag: W/"6203bfe4-fca"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TezpaBehabnmalHdSj9TR49cXGMwNmb%2FqFXpXnLdwXAZVcJKG%2BP7bD1xBILhQbQKEDaPB3YTkDc2n7%2F2DXHvjzmahu6g2c0ZFHS6VK%2Ft5qLEH%2B9%2FcfGZPoaU7YRoQiuSCj57qW5kI1u%2F4bpai4mMw7zmnw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee2cdf79a3f-FRA

GET
H2 200 oxygen.css
astrotarotreading.com/wp-content/plugins/oxygen/component-framework/ 20 KB
5 KB 51ms
48ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=4.0.3

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4052b8b4603b58652ca621b5783f4c5f58cb31de40866a400ef1b30116a61955

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 264238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 16:31:40 GMT
server: cloudflare
etag: W/"6320b06c-4f90"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJXsvalKmVx%2BA2qOlc7QSYuI2TN7mACJe7pi1Z0iHp%2FalHA%2FP46FUIlT3fvmPJhkahaJo9BPIuyFRxVtwIOp%2BxVdyG6M9uQM%2BBhwU1KFlEF1imXxm9IL6ZiLG1gv8QogU4Z6OuUFCaZ9BNAynUqirNlObw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee2cdf99a3f-FRA

GET
H2 200 style.css
astrotarotreading.com/wp-content/plugins/oxy-toolbox/modules/essentials/css/ 3 KB
2 KB 48ms
45ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/plugins/oxy-toolbox/modules/essentials/css/style.css?ver=1.5.7

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ced9271e0768d786f6f034caae95305e1e8ad4c18a59a6dd64760cf3735bdf49

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1023868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 01 Aug 2022 18:09:38 GMT
server: cloudflare
etag: W/"62e816e2-d27"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiRATO4X%2F%2BnUBtBhXsAyYrSjsvr5gMxR2vbqXQLxhvT253uNaP8N7JBdCrv3KHnY2Rs0HpCyURw0v0%2F0rp0RN%2F1Ml140P5X29jFziuJ21SNVnJqfS7JrWtjg%2BDx23ierR6Sp1xNvqhZCjcAH9Vw1ZCNj6M8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee2cdfe9a3f-FRA

GET
H2 200 mediaelementplayer.min.css
astrotarotreading.com/wp-content/plugins/media-element-html5-video-and-audio-player/mediaelement/v4/ 11 KB
3 KB 47ms
44ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/plugins/media-element-html5-video-and-audio-player/mediaelement/v4/mediaelementplayer.min.css?ver=6.0.2

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2d5b7c96931a7cac72873b2f3715f72349cb9bc6289d1facedca268d686864

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1023959
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Sep 2020 12:27:05 GMT
server: cloudflare
etag: W/"5f635619-2c8f"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJcTT%2BptlyXduRS1EdufgIcQMAtOA4JNkapxuGXpwZ709rNxfEKiJplKLn7k9GqoXEk6aPvUJ6z5ApeyKFxMV4NGSA9cuOi%2Fs0KzPu7x5FAQEx8NIRg%2Fe0k%2BvNvfqDY51LYIvAT85%2BPsVZtwC8ev2NCyuAs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee2ce009a3f-FRA

GET
H2 200 mediaelementplayer-legacy.min.css
astrotarotreading.com/wp-content/plugins/media-element-html5-video-and-audio-player/mediaelement/v4/ 11 KB
3 KB 50ms
48ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/plugins/media-element-html5-video-and-audio-player/mediaelement/v4/mediaelementplayer-legacy.min.css?ver=6.0.2

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1023959
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Sep 2020 12:27:05 GMT
server: cloudflare
etag: W/"5f635619-2bf8"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoqSkfMvMCp7JeJpLrjGbNz%2BtuVL3ny1bvz%2B9iPQiwfGjYT7kFKz56fyguJJ4J0YVqZFbuSZ0pG7TObqXr4vmWn8FJJf7JvtDaIcpzhiY2gnM%2BO3Ga29MJclfqBC2%2FVE6XiMVa2dnv4ttT0VDCixFlRYB2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee2ce029a3f-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
997 B 69ms
29ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeEJtEZAAAAALMZMLXiDrUhMompjDvCgJbjedYi

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e4408ef73e414f99943a71026429552e15d31612aeeb54493c66ff3d01f5ae84

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Mon, 26 Sep 2022 13:22:23 GMT

GET
H2 200 jquery.min.js Show response
astrotarotreading.com/wp-includes/js/jquery/ 87 KB
32 KB 105ms
103ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2326095
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: cloudflare
etag: W/"6048e0ac-15db1"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYMoZz52%2Fg2C5yRogmsD6zgfO%2F1FfJAXUZnvMgMVPB3tLYorGELOW0Ig%2F9jO3iRDkPwsnW%2F65Qw%2FqjrawPy%2FVhqkDRUxA7%2FNJBgvup%2FQAL03%2BT6MhguXxwshhJbHY5WlctTHg9ReO1CsjprzIgaO6lHpst4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee30e4c9a3f-FRA

GET
H2 200 mediaelement-and-player.min.js Show response
astrotarotreading.com/wp-content/plugins/media-element-html5-video-and-audio-player/mediaelement/v4/ 154 KB
38 KB 110ms
108ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/plugins/media-element-html5-video-and-audio-player/mediaelement/v4/mediaelement-and-player.min.js?ver=4.2.8

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0466734b731acb2709928a14d088981cb6ac5f0866c90236325a7f803ed80e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2326095
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Sep 2020 12:27:05 GMT
server: cloudflare
etag: W/"5f635619-269cf"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpJhUW2nb%2FEWnyR5x1D35qK8tQ0SXUy82153kIriWrND3azWzC8Xif%2Be6ClgioIL6rF8DJvKzowqS4I37vDVcUJOVUOrbp4h3tES%2FjZd%2BV1gKXTF3WrktPBqlLNUH%2Fal9DYS5nh7AHsLLTKTe8GWGYZV0Q0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee30e529a3f-FRA

GET
H2 200 wizardwold.woff
astrotarotreading.com/fonts/ 25 KB
25 KB 80ms
78ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/fonts/wizardwold.woff

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

651b703f0790f640284c08b5d89f38b88b0aa9d7fda77f3209f63eb4414b54f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 947477
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25188
last-modified: Thu, 17 Sep 2020 12:27:08 GMT
server: cloudflare
etag: "5f63561c-6264"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OD%2Bwbh5kBC7KJ0NLIVmmi9FZTsooH8YVTYtwnF9VlVivzEJGXvrlCSomSizfdKZbj6R%2BkjiIByGmTqd1mvgAp0OWMI7mvtRUQOJPyBw8%2BRcTMUypz6LXvQTSbvGdegM3Q43M3Xby14xmQKwPxIZDdw4a3yc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee30e549a3f-FRA

GET
H2 200 enchantedland.woff
astrotarotreading.com/fonts/ 30 KB
30 KB 73ms
72ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/fonts/enchantedland.woff

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64abaece2a91af5229e5fe17bbffea3b2fd8c306cb15342069a298b9ac2f5cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2326095
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30636
last-modified: Thu, 17 Sep 2020 12:27:08 GMT
server: cloudflare
etag: "5f63561c-77ac"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfqyIezRjYUaew1mi6smngN2fcTh%2BINnkAMlgETTguoiGvHOPQu7t1pYP6zvwG2ec76eKWrt%2FT4YVYfgVng9%2BcdjA8pT2bO95vQs4L60zj%2Fq42JqMCgVuUWqoYe9VNmQmU58s2XR3UXBTHqjT8RfBkc9Klc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee30e579a3f-FRA

GET
H2 200 css
fonts.googleapis.com/ 69 KB
3 KB 93ms
35ms Stylesheet
text/css 2a00:1450:400c:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,200,300,400,500,600,700,800,900|Lato:100,200,300,400,500,600,700,800,900|Roboto:100,200,300,400,500,600,700,800,900|Oswald:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Open+Sans:100,200,300,400,500,600,700,800,900|Cinzel+Decorative:100,200,300,400,500,600,700,800,900|Raleway:100,200,300,400,500,600,700,800,900

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8687cd07cddbef45fe228f98ee6ce508aaf80ef031d100cf2b9319f468d2496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 13:22:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 26 Sep 2022 13:22:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Sep 2022 13:22:23 GMT

GET
H2 200 157879.css
astrotarotreading.com/wp-content/uploads/oxygen/css/ 43 KB
5 KB 48ms
46ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/uploads/oxygen/css/157879.css?cache=1659378096&ver=6.0.2

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bedfcd532dab458ada7638aa7af93be48d4776bbf364461b1e846649c01a83ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50368
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 01 Aug 2022 18:21:36 GMT
server: cloudflare
etag: W/"62e819b0-ad26"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiGIACEuTPda4tqyt%2Bqxjo9SWIp1%2F79O9d%2BotYcjjWA81ld4zmCHAOgRiT3IvTPEfYyQmlzW%2FrOXByIXHos1KINle%2BsUKiWpCotJ6CtnPKmsSkISSHKhGoXY7DU7jEzm0JEjLYr5ZJzWmjR65yv3nSsGYEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee2ce039a3f-FRA

GET
H2 200 universal.css
astrotarotreading.com/wp-content/uploads/oxygen/css/ 85 KB
14 KB 47ms
46ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/uploads/oxygen/css/universal.css?cache=1663090208&ver=6.0.2

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4aa03bf34fde422b4f5cbb72683dac89b16e24cbe6b0b6aff0fee920db9dcc3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1023959
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 17:30:08 GMT
server: cloudflare
etag: W/"6320be20-15346"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxEV2xWwFs7M7LOpDKJNDv4oPxIb7teaossuSzvVDFwQE5YXdNvmlsRKAhY%2Fg5fM0w1Kl54p68Vqwr3fjcs4bygJSJh8BC%2FavLC%2FIhQDStz%2B6qRjV1PL0jS9M8asgagihn3eN3jSb52bjErADomOMzljk3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee2ce059a3f-FRA

GET
H3 200 boxtop-1.png
astrotarotreading.com/wp-content/uploads/2020/09/ 19 KB
20 KB 288ms
285ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/09/boxtop-1.png

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2738bc80296d5d9d44af2d99711cb7e0b6fc93ceaf25591f915dc356f648273e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2793758
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19604
last-modified: Sat, 07 Nov 2020 16:31:50 GMT
server: cloudflare
etag: "5fa6cbf6-4c94"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5anO3uI7RZeFNIgn3Wdt1MqIbwtjO4lx6Sq7sdLupZg2qXyeGOG31rG9Ua%2Bo0jXk23m16AyGWkdIXPS%2BMeu9PbbGpGMxcckKFLDWkoGnXYSfDQHC7%2Bm7xeVbRbtYSHTDU7sGRqnqyBYv%2FrOV50PIEPYtVMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee3a94abbf7-FRA

GET
H3 200 BackCard.png
astrotarotreading.com/wp-content/uploads/2020/08/ 46 KB
46 KB 311ms
308ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/08/BackCard.png

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5a1dfb418a5392189c8badb5157fabf288ee166bedb4886d71c1876130dfcf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4003042
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47032
last-modified: Thu, 17 Sep 2020 12:26:50 GMT
server: cloudflare
etag: "5f63560a-b7b8"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TGOGsLeh4j2YYm0Esxo6sV5o8H72GhmsHLaAc91pdDAO4M1olOLKhVcih7iK7EHaqisYf0lTGvbzXL07OnRyggM4Hm7cHOfPlV6lSO6oF6cFYhf8EOS2lzb92tRm9PN%2F4pWXn3vxxfWmu0vA6%2BCYCbvqIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee3a951bbf7-FRA

GET
H2 200 Judgment.png
soul-manifestation.com/wp-content/uploads/2020/10/ 45 KB
45 KB 223ms
41ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soul-manifestation.com/wp-content/uploads/2020/10/Judgment.png
Requested by: Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28336f5ce88f52b6be8228ca75a7f6eca56aba569c5185eb826ccc8995011b62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169154
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46150
last-modified: Sat, 05 Mar 2022 14:54:20 GMT
server: cloudflare
etag: "6223799c-b446"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZ91w9zzA3Lpq5HBvoWD7z09AsT0Svp4aAba5AT71jK1EfPqe819%2Bvs890JD9n5KBbjZvQJJ%2BJ7R3knV9XYpjh8n03kh7GmE4BGanOmNwFXOFOksuJXDIbs%2BawJ0UpmhRyWjlfNy4GBTBrFkaplP5kWsJpPH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee4be7abb3b-FRA

GET
H2 200 Empress.png
soul-manifestation.com/wp-content/uploads/2020/08/ 80 KB
80 KB 225ms
43ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soul-manifestation.com/wp-content/uploads/2020/08/Empress.png
Requested by: Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b83ba5bd99f7b743b396f7eeebc032e7509f01314d05ceba9c3cccabc71158dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2479529
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81822
last-modified: Sat, 05 Mar 2022 14:54:20 GMT
server: cloudflare
etag: "6223799c-13f9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52t8llnVutoGbEDlNXu5wx%2BwG3uf%2Fo4ZXtvEnHZpiQzCiITE5unxYI5Db9s%2BKAyENEPZVbqjXl8vgTyfceynCaeQtEuJgQbaUYDrI8DiBQB%2BNYsrJlf7BqZguZgltJxuP%2BEj78pkw9joknA4WWLjCLWvFOV1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee4be7dbb3b-FRA

GET
H2 200 Wheel-Of-Fortune.png
soul-manifestation.com/wp-content/uploads/2020/08/ 88 KB
89 KB 238ms
56ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soul-manifestation.com/wp-content/uploads/2020/08/Wheel-Of-Fortune.png
Requested by: Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f060730c61830ba0cd5b018d0edf752ad57801599394a2f890fd5931e4998eb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169154
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 90363
last-modified: Sat, 05 Mar 2022 14:54:20 GMT
server: cloudflare
etag: "6223799c-160fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyFt3%2B8ErYttHug%2BzBniCDDCTtUK11AUbH%2FHBlW35rqEg1YXzCy4Z7VgeFRJouIUs7KRX0%2FTQPfYXL0pZ1nFWKhmdgdD5v%2FvARQN8e0yxTXDSKEIGmDIaEtJjZ9glb5jEQH4MqxzWsXwOObELKm7RxEmZhY4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee4be7ebb3b-FRA

GET
H2 200 The-Tower.png
soul-manifestation.com/wp-content/uploads/2020/08/ 75 KB
76 KB 223ms
42ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soul-manifestation.com/wp-content/uploads/2020/08/The-Tower.png
Requested by: Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d989b2cf32e5b37ff297e055e9ef287318567c417982df49c3d73e55555638d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1029074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77228
last-modified: Sat, 05 Mar 2022 14:54:20 GMT
server: cloudflare
etag: "6223799c-12dac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3g1fwpWVAa9lBTOvWCCilzVcqDt8TzLk%2BZRnUTPKWTiiFLYpD%2B145ef1yMfRdaIKB2NZbk%2FvsWhc5jOUjEzkiNYQZof0RJuFFxxKQt73GEbdDX783rqKMmdf3nFJPAYPdmbRRFN6e1kmKXdHtd8uvBi58oz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee4be7fbb3b-FRA

GET
H2 200 Sun.png
soul-manifestation.com/wp-content/uploads/2020/08/ 82 KB
82 KB 225ms
43ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soul-manifestation.com/wp-content/uploads/2020/08/Sun.png
Requested by: Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72a44b1ea73bae8ab7217bc11f7c54a82ab9f0630c1fd65a7fe81de4a5c81e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2479529
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84065
last-modified: Sat, 05 Mar 2022 14:54:20 GMT
server: cloudflare
etag: "6223799c-14861"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AbumB7%2BcT%2FM%2B2AiQT%2B1Ql3zz6KJDqrWx4wMr%2BYmc2WayKEuNs5psFpv8CmK%2FbzbwQKEH3o4SbRCjMccBHcrS9bvSOhMqUb0N4atUiHKX%2BLNKFo9r0c6bsdDRp%2FgNrzhOs3hXz4qz%2BlH4RGqOX1h5Qt1sExM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee4be81bb3b-FRA

GET
H2 200 The-High-Priestess.png
soul-manifestation.com/wp-content/uploads/2020/08/ 82 KB
82 KB 224ms
43ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soul-manifestation.com/wp-content/uploads/2020/08/The-High-Priestess.png
Requested by: Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8f92b5ff956511a05ce9eb38bf21f53df099fe3e77a7a94cffd3c40e60eec1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83970
last-modified: Sat, 05 Mar 2022 14:54:20 GMT
server: cloudflare
etag: "6223799c-14802"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTMYeqL5WHzLzBPakiIzZ91lA%2Fp2pvbX99bUW2MV1nJw29n94APuRNmB0POJkMnpziTrg%2FgnwAbmb2FwxCxDbw0paASOyxMfjfAV45m0FO%2FSu913FTKdLn1EbrddbxN1Osv90v7S4IvzlAb7AdmbtZpNHpKu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee4be82bb3b-FRA

GET
H2 200 The-Magician.png
soul-manifestation.com/wp-content/uploads/2020/08/ 70 KB
70 KB 172ms
25ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soul-manifestation.com/wp-content/uploads/2020/08/The-Magician.png
Requested by: Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f0be8e5e3c864c93cca5e8a3512d8a33c388f9ea2ea5eb239715f4c5fe3e63e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2744936
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71576
last-modified: Sat, 05 Mar 2022 14:54:20 GMT
server: cloudflare
etag: "6223799c-11798"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHx0shZHrhp8J0%2BfnyX5Ozp9o8eIc3NPOLnYgFEEfWSoyWzYjCD6FbBxpTS7mtQnpbuzQWCy6ih937UAtYSUiWhaRM%2FzjC4o%2FSsxzzEygcl5uA2f4U8ONoLstwB5Kc6nEpMozcwTYY9pf3d6lmwjaJOoJdzV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee4ae75bb3b-FRA

GET
H2 200 The-Fool.png
soul-manifestation.com/wp-content/uploads/2020/08/ 73 KB
74 KB 189ms
42ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soul-manifestation.com/wp-content/uploads/2020/08/The-Fool.png
Requested by: Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44982262917fa73432aa43b9ab0587260623bbefa2d1a00d1ca3e7929bf24d43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2479529
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74963
last-modified: Sat, 05 Mar 2022 14:54:20 GMT
server: cloudflare
etag: "6223799c-124d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4BCDwnYsYZTkckV4H9A61YVmzIkNPm0K%2ByVshqY%2BWJaKN3e0AoRFlQUnoX1x1AwlgyfSrKfvbOc3hVFTwuDyixoLFekbfK1tpaCFUchIs7%2FokieHFwgygoyl63G5%2FhCZLZAouDj9WuIZDHCMX6ftXxLE6bO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee4be79bb3b-FRA

GET
H3 200 boxbottom-1.png
astrotarotreading.com/wp-content/uploads/2020/09/ 19 KB
19 KB 315ms
313ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/09/boxbottom-1.png

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df55830dcb9e96c47638399e38c4edbe518bb9adf1ebcea98e082ff74ef7ce04

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2793758
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19345
last-modified: Sat, 07 Nov 2020 16:31:48 GMT
server: cloudflare
etag: "5fa6cbf4-4b91"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGnsbrrx%2BZ%2F4WvQF3YflGpMMtl0Gep7Q0vFHqCOKO5nXX2SwH9Eu%2BJLjGuprEAg9yERVZr7UACIPwCBrEtMkesdvgZTqQdaVJ8%2BilaHlOL2cmarPsv0tLra59hv46HvqqRziPAXgLNn5cET%2FYvR6%2FOqfH5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee3a954bbf7-FRA

GET
H3 200 side1-1.png
astrotarotreading.com/wp-content/uploads/2020/09/ 137 KB
138 KB 52ms
50ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/09/side1-1.png

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fe578e2e723f32a25cf0093c34c165a1c4e2906d96048911e64cc508785a1f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8219520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140731
last-modified: Tue, 29 Sep 2020 20:30:18 GMT
server: cloudflare
etag: "5f73995a-225bb"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTYU8yxjZFhN9Gl4ilzX2GOkGZ9dRTjXkvA2qnboZUOtD3%2F4RjSlywgcSHm0VxprbK4b1aA4UoyzK3dboPv9gbC8ff2swRaMl28mXlajNy2ILq4cLjYnC%2FJFf%2B1MJPA%2BDHM3rUq%2BdNJXi7k51FhRnzsqJ%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee3a957bbf7-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ 391 KB
157 KB 196ms
15ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeEJtEZAAAAALMZMLXiDrUhMompjDvCgJbjedYi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://astrotarotreading.com/
Origin: https://astrotarotreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159555
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Sep 2023 13:11:23 GMT

GET
H3 200 Group-1.png
astrotarotreading.com/wp-content/uploads/2020/09/ 699 B
1 KB 323ms
321ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/09/Group-1.png

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f049b6f65d6177d061f64913f1abde42ac456503b3d5419c1cf7ebbf4b458bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 863768
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 699
last-modified: Sat, 07 Nov 2020 15:48:53 GMT
server: cloudflare
etag: "5fa6c1e5-2bb"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5PcA%2FM7%2Bz0MNPnIVq0lTHnlK%2F65KHlDYc6UzGaeYarZXCNOesse3fnsAPl8cD0Obla7UXcY0ldo7TzFmz%2FzY9%2FKgwuhLDQi90GJRL%2FmI4hVy4Jn62nat5pGlNHgp1SyCbMcT5A7z5v45OC91bHinYab0UE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee3a960bbf7-FRA

GET
H3 200 alexander.png
astrotarotreading.com/wp-content/uploads/2020/10/ 37 KB
38 KB 84ms
82ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/10/alexander.png

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2099610bfa0e849863463db96e247c4ba5c13eb6209bf944d39ce1c299f5185c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 226061
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37897
last-modified: Sat, 07 Nov 2020 15:50:45 GMT
server: cloudflare
etag: "5fa6c255-9409"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2tIF8SAeF%2Fycg7UV59nXYwZTFtqbIH84iRxhSOvyBi5whoAXjt2FtX5nSiwpsDfyQOBd8RT81qDoob%2FfU43Y8G4ymjju2NV517KS0cEbAhyMvNmI52Ef6wI1CnajXLdAbfo6esXazLSmuvejLpkzZw%2BCTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee3a981bbf7-FRA

GET
H3 200 capricorn.png
astrotarotreading.com/wp-content/uploads/2020/06/ 45 KB
45 KB 248ms
246ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/06/capricorn.png

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

437ea7b9867606ef9d111d9cbab8ac379432e5aaba8029538793dd6cdf6040c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14242661
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45740
last-modified: Thu, 17 Sep 2020 12:26:51 GMT
server: cloudflare
etag: "5f63560b-b2ac"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGa%2FbRbJ57r8WmU8hOkK0I8wC1S2cGfWwLhy9k9kuj8A9pJE9687IsLNyGT2lC75gkqiOdP3J8RMQK8qGRoxHtNEv6Vs02xdP1PTB56wE5DL4Zo9E2bgx2ZYBSKhfmauw%2B3Prz1wXUhkDWsbjRN%2BY4hAH5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee3a98abbf7-FRA

GET
H3 200 wofplaceholder-1.jpg
astrotarotreading.com/wp-content/uploads/2020/09/ 37 KB
38 KB 65ms
63ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/09/wofplaceholder-1.jpg

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

338b0fba44ae1951478cb65779c6c0e7f87776d40d1c70f505c6bd1b060a5b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14242661
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37917
last-modified: Sat, 07 Nov 2020 15:50:04 GMT
server: cloudflare
etag: "5fa6c22c-941d"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytdLr05XP6Fv1tXxzdPTMywsUwjpB7lf3I03yBjeReH8JbvkbdsrsfrWK3vzsvWK1md7a3MK7L7kvhV7BW2BWgtPxPsUsgLQHRCZiIzSMqhfBwM%2F4iDCXFZ2znAVoQzwSTpn1jxlGg6kxYnXxFVqDRZVBTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee3a990bbf7-FRA

GET
H3 200 Love-and-intimacy-during-corona-640x400-1.jpg
astrotarotreading.com/wp-content/uploads/2020/09/ 15 KB
15 KB 289ms
288ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/09/Love-and-intimacy-during-corona-640x400-1.jpg

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad04a1a302b316d8095df69aa052ecf3819c26021574a03c64b3775ccfd8e8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2963807
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15057
last-modified: Sat, 07 Nov 2020 15:50:04 GMT
server: cloudflare
etag: "5fa6c22c-3ad1"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfrdeIJdyLwoDe%2BOC9eWaL24ONN2jLNrGK%2FLeo4K%2FYGMU9E0f1zWPztNCQas7oOFj%2F%2BYFOVBDgad4Nnp8B8jMHXizL4JoVplAAAofzsPRsQ8fhLaEsqPDbKuAZpeZ3RGzByZC1H4dhafyptj0he%2BmuLBcN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee3a99cbbf7-FRA

GET
H3 200 site_tracking.js Show response
astrotarotreading.com/wp-content/plugins/activecampaign-subscription-forms/ 1 KB
1 KB 49ms
49ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/plugins/activecampaign-subscription-forms/site_tracking.js?ver=6.0.2

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a19938485ca7f6c582d3f78d17d9e443d26b260cac24c9dd9499f70b5d28390

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1274750
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 01 Aug 2022 18:09:29 GMT
server: cloudflare
etag: W/"62e816d9-57b"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cv0%2FG3Z0BQ47Wlh39llqqyz26uIbc04E9PuPoCEX6yIygEqJMj%2F5AKbJweWIpXF%2BZh6ngjUdOOzbPXBPPFpcVtYouL60rqW6ee%2B%2BitEmiWygxix5vTGTV%2BOU2EiBnBnzoMtZ4dUbx69O3fSq34I9BPH9ZGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee388babbf7-FRA

GET
H3 200 members.js Show response
astrotarotreading.com/wp-content/plugins/tma-members/assets/js/ 6 KB
2 KB 65ms
65ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/plugins/tma-members/assets/js/members.js?ver=1.0.63

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d15a81f57f3dcb09b67ebb8b52303d2fba99a8bd6adfe3995d350f458a80b4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8219520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 15:35:33 GMT
server: cloudflare
etag: W/"5f905545-1733"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06H%2F8StkXWLzsSCe%2FvzaWjnNoWct0J0fdezPNMlD1g8EXH8xleHblGfp%2BSu32PRT4vmoifS5kWrT07LkjiB6I4I6gXtTgXoEeW6pgGm%2BOEXMmeulc5dys%2B6OCeuAxr5LYaVnrTN3A9VwaGb6Zo6MYHmUSEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee398f1bbf7-FRA

GET
H3 200 soulreading.js Show response
astrotarotreading.com/wp-content/plugins/tma-soulreading/assets/js/ 11 KB
3 KB 53ms
52ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/plugins/tma-soulreading/assets/js/soulreading.js?ver=1.0.22

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdcc04ff2d8ec3dfbb173c8acf0ca018076f69fb4af357f18d2c849a2362cba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 226061
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Mar 2022 17:51:39 GMT
server: cloudflare
etag: W/"622f80ab-2cac"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmeXdaDWpJepxByXi%2BhWnYPdJYjopI6mt2D2aE0RPnGWOwYJHx3bhMbO8h8JW9zSG6%2BTD%2FJMFna%2BaGbt%2BFCpaQM6RiWOfPXw7OH1tPukUn1fNyFCUNfNFAwWJhmiyktPa3sFfBEuhIPJ4SPGCJOKOcEBZNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee3a931bbf7-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 252 KB
69 KB 218ms
42ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5LBV3P2

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

850d93a91ce2134e42b0da2ca955b4769115e1693356089faa23c115f428250d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70303
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Sep 2022 13:22:24 GMT

GET
H3 200 bgmiddle2.png
astrotarotreading.com/wp-content/uploads/2020/09/ 99 KB
100 KB 311ms
311ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/09/bgmiddle2.png

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/wp-content/uploads/oxygen/css/157879.css?cache=1659378096&ver=6.0.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79774923dc3bb1173dcd77d13d18d6aab61860d18cfb677c5b937f239ea5478a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/wp-content/uploads/oxygen/css/157879.css?cache=1659378096&ver=6.0.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 226061
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101397
last-modified: Sat, 07 Nov 2020 16:31:54 GMT
server: cloudflare
etag: "5fa6cbfa-18c15"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvJBdfY3xs39oihgZus%2BkLkE8jsZwabmRBB69GUz68qEc3NG5eqSgwFtoS1R3NwphEb9DOQ2P9WIBI%2BcBw2XZPDkwEz93EKVOzgAq3L1ENkJNCaTnTm%2ButT%2BvpfpUXNNaNT%2FHxZybf2l6BYbGp%2BGlkKdAR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee3a99fbbf7-FRA

GET
H3 200 a-futuricamedium.woff
astrotarotreading.com/fonts/ 20 KB
21 KB 312ms
312ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/fonts/a-futuricamedium.woff

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/wp-content/uploads/elegant-custom-fonts/ecf.css?ver=6.0.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cbdf5b52fb089c3cd1c2b43c5e24fe3a555c826f54f2bddf52483c750ad2067

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://astrotarotreading.com/wp-content/uploads/elegant-custom-fonts/ecf.css?ver=6.0.2
Origin: https://astrotarotreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 226061
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20644
last-modified: Thu, 17 Sep 2020 12:27:08 GMT
server: cloudflare
etag: "5f63561c-50a4"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4AO3vL2Cxvwj6Ws7reL4ZW0I4cBwz6fp2QX2RD0LyuNqQNKGD01wi6VOsm3ivztNBAaAvz61E3F0PQzYNsGTe0nQ57l6gTHDCMVCqcV6Xa8YcXEHOsftnjfc9eSJHQTl44aySngxrzRqpOOnQ%2FnfXgzJu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 750c4ee3a9a2bbf7-FRA

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 185ms
29ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,200,300,400,500,600,700,800,900|Lato:100,200,300,400,500,600,700,800,900|Roboto:100,200,300,400,500,600,700,800,900|Oswald:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Open+Sans:100,200,300,400,500,600,700,800,900|Cinzel+Decorative:100,200,300,400,500,600,700,800,900|Raleway:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://astrotarotreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 16:02:02 GMT
x-content-type-options: nosniff
age: 249622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 16:02:02 GMT

GET /
astrotarotreading.com/gift/reading-box008wait-ext/ 0
0

GET
H3 206 Timer_NoText.mp4
astrotarotreading.com/wp-content/uploads/2020/10/ 2 MB
2 MB 95ms
94ms Media
video/mp4 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/10/Timer_NoText.mp4

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc4c83485900ff13c8557b29c00496f3d77445d586dd787e8653b4bfe2150ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88314
Content-Range: bytes 0-2519163/2519164
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2519164
last-modified: Wed, 07 Oct 2020 20:47:42 GMT
server: cloudflare
etag: "5f7e296e-26707c"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXqa22yPjtWnAMmhZjS%2FrOJlzE1VHaGdnH6cbEfbH4nNfHtk4%2BzHf%2BjvfJ%2BT%2Fio7wrNFWla9XiALCtEX2OnM8aBvvgDYLC4kHH71qWxqc41CWodNsWdEesGusRAO2CeElWLdU0fv%2FAEGJEy4CuPL%2FmRfJ5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee3fa1bbbf7-FRA

GET /
astrotarotreading.com/gift/reading-box008wait-ext/ 0
0

GET
H3 206 RENDER-COMP-PAL_noTxt.mp4
astrotarotreading.com/wp-content/uploads/2020/10/ 1 MB
1 MB 317ms
317ms Media
video/mp4 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/10/RENDER-COMP-PAL_noTxt.mp4

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

940c68a6be892b88cfbd1b2a6b1240d8bc1817b2f2767fb0d4328cba56e2f97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155731
Content-Range: bytes 0-1267164/1267165
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1267165
last-modified: Mon, 05 Oct 2020 14:27:13 GMT
server: cloudflare
etag: "5f7b2d41-1355dd"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZ4PNV9s0k3bMpb1f91j51egpnccuoA3webRWuVHXYZUdN4KUPnfm3%2FdvgCEbW1iSRr3JLUhC%2FwX%2FkDDPMUFMtQogOpK5833WvuGL%2FRtRafG9tsF5oaesM3EIRn%2FxhDFycJjZ3RZHzN3w2Wwc7jKu0SYltU%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee3fa22bbf7-FRA

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 147ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://astrotarotreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 504910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 17:07:14 GMT

GET
H3 206 BG-Animated_V3_1.mp4
astrotarotreading.com/wp-content/uploads/2020/10/ 1 MB
1 MB 391ms
390ms Media
video/mp4 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/10/BG-Animated_V3_1.mp4

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98a03c40f7e03d4bd9b175aff732568826f88b24b3be994e5f3996f344721afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8211586
Content-Range: bytes 0-1311625/1311626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1311626
last-modified: Mon, 12 Oct 2020 19:41:51 GMT
server: cloudflare
etag: "5f84b17f-14038a"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8z%2BltKLFVw0HkHUqvrS9yJAywXxQvUNkrhfwq7PFNYs7eND27iEWA7%2BvRPs5NEyS%2BIzG2zNFvmTbAN81UwdnkMXB0o4JiR7UME6qCLhCHx%2Bg5xpWqP7T7PU3PpCd92D5NpkRq0j604rqkFXpfNOIukJjf%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee41a85bbf7-FRA

GET
H3 206 BG-Animated_V3_1.mp4
astrotarotreading.com/wp-content/uploads/2020/10/ 166 KB
0 499ms
499ms Media
video/mp4 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/10/BG-Animated_V3_1.mp4

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8211586
Content-Range: bytes 0-1311625/1311626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1311626
last-modified: Mon, 12 Oct 2020 19:41:51 GMT
server: cloudflare
etag: "5f84b17f-14038a"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xE4nHaPCGkv5KbubZhasIYOu0mCT0RyG1s53Hhc8squCbDAN%2FzJqZNu6EhWHBjOoc0Xb%2Bcdr%2BqN4SGDpqGcNYKGS2rUTqAYy8M5JyyKkBUKKs1cUoXonBGAz2uFJ%2FU3IpAUQ%2BfJneH0%2BgCuKHC3clS3gRDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee41a89bbf7-FRA

GET
H3 206 BG-Animated_V3_1.mp4
astrotarotreading.com/wp-content/uploads/2020/10/ 27 KB
0 579ms
578ms Media
video/mp4 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/10/BG-Animated_V3_1.mp4

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8211586
Content-Range: bytes 0-1311625/1311626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1311626
last-modified: Mon, 12 Oct 2020 19:41:51 GMT
server: cloudflare
etag: "5f84b17f-14038a"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciJgmd7Vt%2BGAqx5kb0tu4VzjpB%2BIQvM4dclemqQvUVRwwUAqAjYW4JAchb49Vepvn%2BR6X3LHk4dgOkPsMCm3p8GjRtlNNTFJdTM8qVGy3VRcABAuc4bHdKXSP%2FHDc%2F2f20l9q53nKzf5ghoh0YcT9mwVJkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee41a8fbbf7-FRA

GET
H3 206 BG-Animated_V3_1.mp4
astrotarotreading.com/wp-content/uploads/2020/10/ 46 KB
0 610ms
610ms Media
video/mp4 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://astrotarotreading.com/wp-content/uploads/2020/10/BG-Animated_V3_1.mp4

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8211586
Content-Range: bytes 0-1311625/1311626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1311626
last-modified: Mon, 12 Oct 2020 19:41:51 GMT
server: cloudflare
etag: "5f84b17f-14038a"
strict-transport-security: max-age=2592000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09bt788uaV9PGY8xLcwJQ8XG9oQ9o4xxDo2SNu1GRk9%2BK%2FG3t5IW8egBB%2BKn4F4CYGEry4cV9O%2BYQG6KYVc3VTKNhAjp0tx02mRx%2FLO0md%2Bwmk40G9BitgFN9lXzHfvwmNIVQKMUnzC3ohDKk0Kzl%2BWv9jY%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 750c4ee41a92bbf7-FRA

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B223 42 KB
22 KB 73ms
39ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEJtEZAAAAALMZMLXiDrUhMompjDvCgJbjedYi&co=aHR0cHM6Ly9hc3Ryb3Rhcm90cmVhZGluZy5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=fygwyxbigyfn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e288bef1d616c5a9de347f10de95ed5aaada81f805de1079add243ed7a39576a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e_72zN7lc_ptYEtnj4esfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://astrotarotreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22271
content-security-policy: script-src 'report-sample' 'nonce-e_72zN7lc_ptYEtnj4esfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 13:22:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LBV3P2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 386
date: Mon, 26 Sep 2022 13:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 26 Sep 2022 15:15:58 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 128ms
46ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 29
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
server: cloudflare
etag: W/"4d482a43613d3966f353ec9d97452e0c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: FRA60-P2
cf-ray: 750c4ee64d646964-FRA
x-amz-cf-id: 3qZcWRgTUOQ7vLBDEBi_C2n09VcDpg6AYUrEjNaytUHQFg5uMsCF5Q==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame B223 52 KB
24 KB 54ms
21ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEJtEZAAAAALMZMLXiDrUhMompjDvCgJbjedYi&co=aHR0cHM6Ly9hc3Ryb3Rhcm90cmVhZGluZy5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=fygwyxbigyfn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Sep 2023 08:49:48 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame B223 391 KB
156 KB 53ms
20ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159555
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Sep 2023 13:11:23 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 92ms
24ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=2038901494&t=pageview&_s=1&dl=https%3A%2F%2Fastrotarotreading.com%2Fgift%2Freading-box008wait-ext%2F%3Fhop%3Dbonusforu&ul=en-us&de=UTF-8&dt=Gift%20%7C%20AstroTarotReading%20%7C%20V8WAIT%20-%20Astro%20Reading&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1482175796&gjid=1181898959&cid=938409541.1664198544&tid=UA-178434532-1&_gid=891399969.1664198544&_r=1&gtm=2wg9l05LBV3P2&z=536410741

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://astrotarotreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:22:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://astrotarotreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 246 B
392 B 270ms
251ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=89847574&u=https%3A%2F%2Fastrotarotreading.com%2Fgift%2Freading-box008wait-ext%2F%3Fhop%3Dbonusforu
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.30
Resource Hash: 5f8eeefd4828c3a4d19607cd4ae9cba1e23c87ce1732eb355b0cd0628a53d2c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.30
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 102
cf-ray: 750c4ee6ce296964-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 227ms
27ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-178434532-1&cid=938409541.1664198544&jid=1482175796&gjid=1181898959&_gid=891399969.1664198544&_u=YGBACEAABAAAAC~&z=1562207366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://astrotarotreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 26 Sep 2022 13:22:24 GMT
content-type: text/plain
access-control-allow-origin: https://astrotarotreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B223 2 KB
2 KB 18ms
16ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 498156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 27 Sep 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B223 15 KB
15 KB 53ms
18ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 504943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 20 Sep 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B223 15 KB
15 KB 49ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 572465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B223 102 B
133 B 24ms
23ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b424d73a944f41d95c60333c46cb5a2791d2c7dc225e4c6410c36a0ee92fe43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEJtEZAAAAALMZMLXiDrUhMompjDvCgJbjedYi&co=aHR0cHM6Ly9hc3Ryb3Rhcm90cmVhZGluZy5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=fygwyxbigyfn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Mon, 26 Sep 2022 13:22:24 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-178434532-1&cid=938409541.1664198544&jid=1482175796&_u=YGBACEAABAAAAC~&z=1551685261

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:22:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 144ms
65ms Image
image/gif 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-178434532-1&cid=938409541.1664198544&jid=1482175796&_u=YGBACEAABAAAAC~&z=1551685261

Requested by

Host: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:22:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
289 B 240ms
161ms Script
text/javascript 2606:4700:4400::6812:2a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=89847574&prismid=5fd4a70c-c93f-48d8-a6d7-2af6ca0f0f1f&url=https%3A%2F%2Fastrotarotreading.com%2Fgift%2Freading-box008wait-ext%2F%3Fhop%3Dbonusforu
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://astrotarotreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:22:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 750c4ee8df48929c-FRA
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Domain: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Domain: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Domain: astrotarotreading.com
URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
theroadmaptoaffluence.com/	1970-01-20 06:59:50	Name: prli_click_157 Value: v5rl
theroadmaptoaffluence.com/	1970-01-20 15:02:14	Name: prli_visitor Value: 6331a78d78bb8
.clickbank.net/	1970-01-20 10:35:50	Name: q Value: 01.8FF123F0D872B0971FBAC9465DC21D96F95652051C0C21087A724B107E12D7FD7A54C512AD799E5C8DCC4B9ADE97FDD1E3F04E8F
.clickbank.net/	1970-01-20 10:35:50	Name: p Value: tsVCOhENp0U8Ahck0eaiBrf6ouqAnhNkt9Cb7YmL7JKKqtslyJxDbVDdmMEp5HRu1bo1mMpvKwBI482AZwEmY3RVB1sLFCR2GL81QGYFxqZQfaYpP7Wj2osQD8T9hy6Kt_3MRd7EFNwLSUafwmvb5CKin0Ud52xYkpcpF1IXsit2XqXSlTy7Hq3FJQ7mrwSMXTJMmQ%3D%3D
.astrotarotreading.com/	1970-01-20 08:26:14	Name: _gcl_au Value: 1.1.1310485551.1664198544
.astrotarotreading.com/	1970-01-20 15:52:38	Name: _ga Value: GA1.2.938409541.1664198544
.astrotarotreading.com/	1970-01-20 06:18:04	Name: _gid Value: GA1.2.891399969.1664198544
.astrotarotreading.com/	1970-01-20 06:16:38	Name: _gat_UA-178434532-1 Value: 1
prism.app-us1.com/	1970-01-20 06:59:50	Name: prism_89847574 Value: 5fd4a70c-c93f-48d8-a6d7-2af6ca0f0f1f
.astrotarotreading.com/	1970-01-20 06:59:50	Name: prism_89847574 Value: 5fd4a70c-c93f-48d8-a6d7-2af6ca0f0f1f

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://astrotarotreading.com/wp-content/plugins/media-element-html5-video-and-audio-player/mediaelement/v4/mediaelement-and-player.min.js?ver=4.2.8(Line 11) Message: A preload for 'https://astrotarotreading.com/fonts/enchantedland.woff' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://astrotarotreading.com/wp-content/plugins/media-element-html5-video-and-audio-player/mediaelement/v4/mediaelement-and-player.min.js?ver=4.2.8(Line 11) Message: A preload for 'https://astrotarotreading.com/fonts/wizardwold.woff' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript	warning	URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu Message: The resource https://astrotarotreading.com/fonts/enchantedland.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://astrotarotreading.com/gift/reading-box008wait-ext/?hop=bonusforu Message: The resource https://astrotarotreading.com/fonts/wizardwold.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

astrotarotreading.com
bonusforu-astrotaro.hop.clickbank.net
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
hop.clickbank.net
prism.app-us1.com
soul-manifestation.com
stats.g.doubleclick.net
theroadmaptoaffluence.com
trackcmp.net
trk.astrotarotreading.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
astrotarotreading.com
192.254.233.73
2606:4700:4400::6812:2a69
2606:4700::6811:925b
2a00:1450:4001:806::2004
2a00:1450:4001:808::200e
2a00:1450:4001:813::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9a
2a00:1450:400c:c0b::5f
2a00:1450:400d:805::2003
2a06:98c1:3120::3
2a06:98c1:3121::3
35.163.29.19
44.240.181.170
0466734b731acb2709928a14d088981cb6ac5f0866c90236325a7f803ed80e56
092c149a293c773abb7e0174a9c23614eb6e65701fcd1387a1fb617dbc0c1785
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2099610bfa0e849863463db96e247c4ba5c13eb6209bf944d39ce1c299f5185c
2738bc80296d5d9d44af2d99711cb7e0b6fc93ceaf25591f915dc356f648273e
28336f5ce88f52b6be8228ca75a7f6eca56aba569c5185eb826ccc8995011b62
31ed27950d2363efe82fce57a51e0d4567a0a44185ea86ce9ccbf8b9a8cd109a
338b0fba44ae1951478cb65779c6c0e7f87776d40d1c70f505c6bd1b060a5b9f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4052b8b4603b58652ca621b5783f4c5f58cb31de40866a400ef1b30116a61955
437ea7b9867606ef9d111d9cbab8ac379432e5aaba8029538793dd6cdf6040c5
44982262917fa73432aa43b9ab0587260623bbefa2d1a00d1ca3e7929bf24d43
4aa03bf34fde422b4f5cbb72683dac89b16e24cbe6b0b6aff0fee920db9dcc3d
4b424d73a944f41d95c60333c46cb5a2791d2c7dc225e4c6410c36a0ee92fe43
55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5cbdf5b52fb089c3cd1c2b43c5e24fe3a555c826f54f2bddf52483c750ad2067
5f8eeefd4828c3a4d19607cd4ae9cba1e23c87ce1732eb355b0cd0628a53d2c8
64abaece2a91af5229e5fe17bbffea3b2fd8c306cb15342069a298b9ac2f5cdc
651b703f0790f640284c08b5d89f38b88b0aa9d7fda77f3209f63eb4414b54f3
6f0be8e5e3c864c93cca5e8a3512d8a33c388f9ea2ea5eb239715f4c5fe3e63e
6fe578e2e723f32a25cf0093c34c165a1c4e2906d96048911e64cc508785a1f8
72a44b1ea73bae8ab7217bc11f7c54a82ab9f0630c1fd65a7fe81de4a5c81e30
79774923dc3bb1173dcd77d13d18d6aab61860d18cfb677c5b937f239ea5478a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850d93a91ce2134e42b0da2ca955b4769115e1693356089faa23c115f428250d
8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3
8e2d5b7c96931a7cac72873b2f3715f72349cb9bc6289d1facedca268d686864
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
940c68a6be892b88cfbd1b2a6b1240d8bc1817b2f2767fb0d4328cba56e2f97b
98a03c40f7e03d4bd9b175aff732568826f88b24b3be994e5f3996f344721afd
9a19938485ca7f6c582d3f78d17d9e443d26b260cac24c9dd9499f70b5d28390
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
ad04a1a302b316d8095df69aa052ecf3819c26021574a03c64b3775ccfd8e8ef
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b83ba5bd99f7b743b396f7eeebc032e7509f01314d05ceba9c3cccabc71158dc
b8687cd07cddbef45fe228f98ee6ce508aaf80ef031d100cf2b9319f468d2496
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bedfcd532dab458ada7638aa7af93be48d4776bbf364461b1e846649c01a83ca
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
ced9271e0768d786f6f034caae95305e1e8ad4c18a59a6dd64760cf3735bdf49
d15a81f57f3dcb09b67ebb8b52303d2fba99a8bd6adfe3995d350f458a80b4d2
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d989b2cf32e5b37ff297e055e9ef287318567c417982df49c3d73e55555638d6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df55830dcb9e96c47638399e38c4edbe518bb9adf1ebcea98e082ff74ef7ce04
e288bef1d616c5a9de347f10de95ed5aaada81f805de1079add243ed7a39576a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4408ef73e414f99943a71026429552e15d31612aeeb54493c66ff3d01f5ae84
e8f92b5ff956511a05ce9eb38bf21f53df099fe3e77a7a94cffd3c40e60eec1c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f049b6f65d6177d061f64913f1abde42ac456503b3d5419c1cf7ebbf4b458bda
f060730c61830ba0cd5b018d0edf752ad57801599394a2f890fd5931e4998eb4
f5a1dfb418a5392189c8badb5157fabf288ee166bedb4886d71c1876130dfcf9
fc4c83485900ff13c8557b29c00496f3d77445d586dd787e8653b4bfe2150ce1
fdcc04ff2d8ec3dfbb173c8acf0ca018076f69fb4af357f18d2c849a2362cba4
fec5719e8cd5a06b7792ecfed30d024889a9148d961810649c092541ff67572c

astrotarotreading.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

94 %HTTPS

80 %IPv6

13 Domains

17 Subdomains

13 IPs

4 Countries

6793 kBTransfer

8307 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

astrotarotreading.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

94 %
HTTPS

80 %
IPv6

13
Domains

17
Subdomains

13
IPs

4
Countries

6793 kB
Transfer

8307 kB
Size

10
Cookies

68 HTTP transactions
0 data transactions