www.mysticscripts.com Open in urlscan Pro
104.237.52.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lodha.org/
Effective URL:
http://www.mysticscripts.com/
Submission: On October 11 via api (October 11th 2019, 11:04:04 pm UTC) from DE

Summary HTTP 73 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 14 domains to perform 73 HTTP transactions. The main IP is 104.237.52.106, located in Los Angeles, United States and belongs to WEBNX - WebNX, Inc., US. The main domain is www.mysticscripts.com.

This is the only time www.mysticscripts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	204.11.58.194 204.11.58.194	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY - PDR)
2	104.237.52.106 104.237.52.106	18450 (WEBNX) (WEBNX - WebNX)
1	13.224.197.191 13.224.197.191	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	54.192.94.173 54.192.94.173	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
34	13.224.197.110 13.224.197.110	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1 3	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:816::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER - Twitter Inc.)
73	19

1 204.11.58.194 (Burlington, United States) 1 redirects

ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US)

lodha.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.237.52.106 (Los Angeles, United States)

ASN18450 (WEBNX - WebNX, Inc., US)
PTR: 104-237-52-106.static.webnx.com

www.mysticscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.197.191 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-197-191.fra2.r.cloudfront.net

d196idvv7qapsh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.192.94.173 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-173.fra2.r.cloudfront.net

d1mrqj0z3ckrq2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 13.224.197.110 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-197-110.fra2.r.cloudfront.net

d1kiol0bszgfa4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.80 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	cloudfront.net d196idvv7qapsh.cloudfront.net d1mrqj0z3ckrq2.cloudfront.net d1kiol0bszgfa4.cloudfront.net	752 KB
8	google.com 1 redirects www.google.com cse.google.com adservice.google.com apis.google.com accounts.google.com	102 KB
5	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	102 B
5	twitter.com platform.twitter.com syndication.twitter.com	31 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
3	facebook.com staticxx.facebook.com www.facebook.com
3	google-analytics.com 1 redirects www.google-analytics.com	17 KB
3	googlesyndication.com pagead2.googlesyndication.com	150 KB
2	taboola.com cdn.taboola.com	122 KB
2	facebook.net connect.facebook.net	58 KB
2	mysticscripts.com www.mysticscripts.com	89 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	171 B
1	lodha.org 1 redirects lodha.org	244 B
73	14

	Domain	Requested by
34	d1kiol0bszgfa4.cloudfront.net	www.mysticscripts.com connect.facebook.net d1mrqj0z3ckrq2.cloudfront.net
4	apis.google.com	www.mysticscripts.com apis.google.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	platform.twitter.com	www.mysticscripts.com platform.twitter.com
3	b.scorecardresearch.com	1 redirects cdn.taboola.com www.mysticscripts.com
3	www.google-analytics.com	1 redirects www.mysticscripts.com
3	pagead2.googlesyndication.com	www.mysticscripts.com pagead2.googlesyndication.com
3	d1mrqj0z3ckrq2.cloudfront.net	www.mysticscripts.com
2	www.facebook.com	www.mysticscripts.com connect.facebook.net
2	cdn.taboola.com	www.mysticscripts.com cdn.taboola.com
2	connect.facebook.net	www.mysticscripts.com connect.facebook.net
2	www.mysticscripts.com	www.mysticscripts.com
1	syndication.twitter.com	www.mysticscripts.com
1	accounts.google.com	apis.google.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	staticxx.facebook.com	connect.facebook.net
1	stats.g.doubleclick.net	www.mysticscripts.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	cse.google.com	www.mysticscripts.com
1	www.google.com	1 redirects
1	d196idvv7qapsh.cloudfront.net	www.mysticscripts.com
1	lodha.org	1 redirects
73	23

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh

This page contains 12 frames:

Primary Page: http://www.mysticscripts.com/
Frame ID: 97319DBF84FDD77D88A6E1A2CCF79E2A
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191003/r20190131/zrt_lookup.html
Frame ID: FDE41C888E43C0B4FFA969AA4CFFD1BD
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 3AC86C8CFBD5326457E9EB412A208E1E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2996762700662197&output=html&adk=1812271804&adf=3025194257&lmt=1570835027&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.mysticscripts.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1570835027789&bpp=4&bdt=70&fdt=48&idt=48&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4137986182565&frm=20&pv=2&ga_vid=1085818211.1570835028&ga_sid=1570835028&ga_hid=1356428374&ga_fc=1&iag=0&icsg=33554600&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21064715&oid=3&pvsid=3321940019385461&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=58
Frame ID: D592D00B49D689C6372FC03957C682DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2996762700662197&output=html&h=90&slotname=4482529471&adk=650422465&adf=3018247092&w=728&lmt=1570835027&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.mysticscripts.com%2F&flash=0&wgl=1&adsid=NT&dt=1570835027876&bpp=6&bdt=158&fdt=7&idt=7&shv=r20191003&cbv=r20190131&saldr=sa&abxe=1&prev_fmts=0x0&nras=1&correlator=4137986182565&frm=20&pv=1&ga_vid=1085818211.1570835028&ga_sid=1570835028&ga_hid=1356428374&ga_fc=1&iag=0&icsg=671089314&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=306&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21064715&oid=3&pvsid=3321940019385461&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=RR7Bo8GnJM&p=http%3A//www.mysticscripts.com&dtd=12
Frame ID: 8622CACDD3949AC667A0831301804776
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FMystic-Scripts%2F142532412485701&width=160&colorscheme=dark&show_faces=true&stream=false&header=true&height=400
Frame ID: 59EFC8A6261B2717F134E4600DF2E7E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2996762700662197&output=html&h=600&slotname=8827347983&adk=3255493761&adf=3803152997&w=160&lmt=1570835027&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.mysticscripts.com%2F&flash=0&wgl=1&adsid=NT&dt=1570835027904&bpp=5&bdt=186&fdt=5&idt=5&shv=r20191003&cbv=r20190131&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=4482529471&nras=1&correlator=4137986182565&frm=20&pv=1&ga_vid=1085818211.1570835028&ga_sid=1570835028&ga_hid=1356428374&ga_fc=1&iag=0&icsg=2684357258&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1084&ady=1221&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21064715&oid=3&pvsid=3321940019385461&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ssx4tRNmHM&p=http%3A//www.mysticscripts.com&dtd=8
Frame ID: C0B2A4C6C552C2664D87DDC9649A81EA
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=small&annotation=inline&width=240&origin=http%3A%2F%2Fwww.mysticscripts.com&url=http%3A%2F%2Fwww.mysticscripts.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ysvV9EtEi0w.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ%2Fm%3D__features__
Frame ID: F0E0E7092EB4A9FA8C97FFEB2D366D64
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.mysticscripts.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ysvV9EtEi0w.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ%2Fm%3D__features__
Frame ID: E7FAC5C0BF921B769EB3BE483FF829B8
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html?origin=http%3A%2F%2Fwww.mysticscripts.com
Frame ID: E5721EC72E3CC0360F3785D3EF176470
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df48b539fc49b2c%26domain%3Dwww.mysticscripts.com%26origin%3Dhttp%253A%252F%252Fwww.mysticscripts.com%252Ff1b3b325f7aaf9%26relation%3Dparent.parent&container_width=0&font=tahoma&href=http%3A%2F%2Fwww.facebook.com%2Fmysticscripts&locale=en_US&sdk=joey&send=false&show_faces=false&width=240
Frame ID: 532E9A68A1722B0E9ABFFD6F70421171
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.e3a0e1b01ae601b6c9cf798a93ab7e69.en.html
Frame ID: E4FC34AE94CEEFF211AF4B8F9F85EE0D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://lodha.org/ HTTP 301
http://www.mysticscripts.com/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

73
Requests

36 %
HTTPS

62 %
IPv6

14
Domains

23
Subdomains

19
IPs

5
Countries

1351 kB
Transfer

2367 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/MysticScripts
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lodha.org/ HTTP 301
http://www.mysticscripts.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 8

http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request Chain 11

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 17

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1783687189&utmhn=www.mysticscripts.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mystic%20Scripts%20-%20Free%20Astrology%2C%20Numerology%2C%20Psychic%2C%20Tarot%20Readings!&utmhid=1356428374&utmr=-&utmp=%2F&utmht=1570835027804&utmac=UA-431984-2&utmcc=__utma%3D241774110.1085818211.1570835028.1570835028.1570835028.1%3B%2B__utmz%3D241774110.1570835028.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=809282128&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1783687189&utmhn=www.mysticscripts.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mystic%20Scripts%20-%20Free%20Astrology%2C%20Numerology%2C%20Psychic%2C%20Tarot%20Readings!&utmhid=1356428374&utmr=-&utmp=%2F&utmht=1570835027804&utmac=UA-431984-2&utmcc=__utma%3D241774110.1085818211.1570835028.1570835028.1570835028.1%3B%2B__utmz%3D241774110.1570835028.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=809282128&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-431984-2&cid=1085818211.1570835028&jid=809282128&_v=5.7.2&z=1783687189

Request Chain 54

http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FMystic-Scripts%2F142532412485701&width=160&colorscheme=dark&show_faces=true&stream=false&header=true&height=400 HTTP 307
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FMystic-Scripts%2F142532412485701&width=160&colorscheme=dark&show_faces=true&stream=false&header=true&height=400

Request Chain 63

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1570835028002&ns_c=windows-1252&cv=3.1&c8=Mystic%20Scripts%20-%20Free%20Astrology%2C%20Numerology%2C%20Psychic%2C%20Tarot%20Readings!&c7=http%3A%2F%2Fwww.mysticscripts.com%2F&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1570835028002&ns_c=windows-1252&cv=3.1&c8=Mystic%20Scripts%20-%20Free%20Astrology%2C%20Numerology%2C%20Psychic%2C%20Tarot%20Readings!&c7=http%3A%2F%2Fwww.mysticscripts.com%2F&c9=

Request Chain 71

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1565277585&utmhn=www.mysticscripts.com&utmt=event&utme=5(Time*Log*0%3A10)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mystic%20Scripts%20-%20Free%20Astrology%2C%20Numerology%2C%20Psychic%2C%20Tarot%20Readings!&utmhid=1356428374&utmr=-&utmp=%2F&utmht=1570835038186&utmac=UA-431984-2&utmcc=__utma%3D241774110.1085818211.1570835028.1570835028.1570835028.1%3B%2B__utmz%3D241774110.1570835028.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6AAAAAAAAAAAAAAAAAQAAAgE~ HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1565277585&utmhn=www.mysticscripts.com&utmt=event&utme=5(Time*Log*0%3A10)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mystic%20Scripts%20-%20Free%20Astrology%2C%20Numerology%2C%20Psychic%2C%20Tarot%20Readings!&utmhid=1356428374&utmr=-&utmp=%2F&utmht=1570835038186&utmac=UA-431984-2&utmcc=__utma%3D241774110.1085818211.1570835028.1570835028.1570835028.1%3B%2B__utmz%3D241774110.1570835028.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6AAAAAAAAAAAAAAAAAQAAAgE~

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.mysticscripts.com/
Redirect Chain

http://lodha.org/
http://www.mysticscripts.com/

30 KB
31 KB

323ms
174ms

Document
text/html

104.237.52.106
WebNX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 104.237.52.106 Los Angeles, United States, ASN18450 (WEBNX - WebNX, Inc., US),
Reverse DNS: 104-237-52-106.static.webnx.com
Software: Apache /
Resource Hash: ac68d5631532ee5ecaf3d04dde2047df833f652e52482704a9cf3b9ca2a00994

Request headers

Host: www.mysticscripts.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:47 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

Redirect headers

Server: nginx
Date: Fri, 11 Oct 2019 23:03:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: GOFORIT
Location: http://www.mysticscripts.com

GET
H/1.1 200
OK style.css
d196idvv7qapsh.cloudfront.net/ 63 KB
64 KB 16ms
9ms Stylesheet
text/css 13.224.197.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d196idvv7qapsh.cloudfront.net/style.css
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.191 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-191.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7612d8d8f05c10b247da37cb1d6a88faf42c420ca13c92539a9518b4a8207120

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 21:57:46 GMT
Via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Mar 2012 09:27:17 GMT
Server: AmazonS3
Age: 49857
ETag: "b01d3a9ac7292fc2cec7069d4cadba03"
X-Cache: Hit from cloudfront
Content-Type: text/css
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 64660
X-Amz-Cf-Id: zN-h6ClSSmmvQFr-R_Z32zzmmqGVQxULVHNngP-s4mTmNOh6ZMfMIQ==

GET
H/1.1 200
OK getsubmenu.js Show response
d1mrqj0z3ckrq2.cloudfront.net/ 3 KB
4 KB 13ms
6ms Script
application/octet-stream 54.192.94.173
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d1mrqj0z3ckrq2.cloudfront.net/getsubmenu.js
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 54.192.94.173 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-173.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49195b83079a639e6aca36da505fc42048d1e7a906acce69a3a61df3acd8b2d1

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 11:48:14 GMT
Via: 1.1 6558236a06004e2e5ed43d07e2124e70.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Mar 2012 09:26:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2
ETag: "fb19cb118557a1290c3533d50e252bda"
X-Cache: Hit from cloudfront
Content-Type: application/octet-stream
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3205
X-Amz-Cf-Id: ATsE0hWYb1HFd3nkMUbPJrQu1pEqWM60P_vxNd4veDMa5nJo8l4ZSQ==

GET
H/1.1 200
OK jquery.min.js Show response
d1mrqj0z3ckrq2.cloudfront.net/ 82 KB
83 KB 13ms
7ms Script
application/octet-stream 54.192.94.173
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d1mrqj0z3ckrq2.cloudfront.net/jquery.min.js
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 54.192.94.173 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-173.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41de32075471d4673e98e30b1d1814d890b9a216be2f84216a238004933589d

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 11:48:14 GMT
Via: 1.1 a907498188cf5fbb13fb98b2dcde84cd.cloudfront.net (CloudFront)
Last-Modified: Tue, 07 Feb 2012 12:39:05 GMT
Server: AmazonS3
Age: 30
ETag: "63c1bc2eb898f68b943e1b0fdd98c746"
X-Cache: Hit from cloudfront
Content-Type: application/octet-stream
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
Content-Length: 84362
X-Amz-Cf-Id: mf67QC_WbBHFq2qFOfnpKqUkg6acHA5zIBPdLsFA153AscOjzPAQFw==

GET
H/1.1 200
OK jquery-ui.min.js Show response
d1mrqj0z3ckrq2.cloudfront.net/ 192 KB
192 KB 13ms
7ms Script
application/octet-stream 54.192.94.173
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d1mrqj0z3ckrq2.cloudfront.net/jquery-ui.min.js
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 54.192.94.173 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-173.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9045df73f3f1dbc7ef5bd4046c4e684f1e23f2978032f661d18cef84debb99b1

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 11:48:14 GMT
Via: 1.1 42eda27a8f21acb511ddb91858ee5d5b.cloudfront.net (CloudFront)
Last-Modified: Tue, 07 Feb 2012 12:39:01 GMT
Server: AmazonS3
Age: 30
ETag: "ef9bab0c0f32c450ea163966c74f1c1a"
X-Cache: Hit from cloudfront
Content-Type: application/octet-stream
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Accept-Ranges: bytes
Content-Length: 196578
X-Amz-Cf-Id: 1LzQ_VJOhYtzH0nghK9xVJ3QajV2EKgZmXUcX65ksgL0L4vUdMPAew==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 12ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A6) /
Resource Hash: 90476f48e0b8a9f9c5c11fd16f13fc6a8772fe281d12c8e63153a6f948cdd348

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 20:25:42 GMT
Server: ECS (fcn/41A6)
Etag: "1d8d0709ed691e2bc0472dbfc17c8abd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28700

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

18ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

36c99f223d6d9405832934741164b981ba44c98153a8795cf8de10cad5777ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: mR4R/LixQiWnVOETiCt9sg==
status: 200
content-length: 1781
etag: "0da793a16c4bec4fcf3cb4b07fe68db5"
x-fb-debug: yxX2f+ccEnl8rIEpH3ZRxv0mo6o4kBB6dMvITZBgNb+lyuEf6UMSJCi9RDJ4LetBAfVlzQXVRUE1UtZuhf9Z4Q==
x-fb-trip-id: 1035547483
x-fb-content-md5: c18057bc9eb54d728ebbfde0ebed2b25
x-frame-options: DENY
date: Fri, 11 Oct 2019 23:03:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Oct 2019 23:12:38 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 103 KB
36 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fa9d325558a8c877fe52b509a8dce8cd63107f08617fb9f8e3247be5885df81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 11 Oct 2019 23:03:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 10673192029995764333
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 36814
X-XSS-Protection: 0
Expires: Fri, 11 Oct 2019 23:03:47 GMT

GET
H/1.1 200
OK logo.jpg
d1kiol0bszgfa4.cloudfront.net/images/header/ 18 KB
19 KB 35ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/header/logo.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0fd4085b6a9cd540ac00761e9ee893847cc65a678c847e1210d4d3737354ab0c

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 17:59:37 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 13:40:24 GMT
Server: AmazonS3
Age: 14129
ETag: "438830f702b86ab88f6c0d3aba689687"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 18594
X-Amz-Cf-Id: 29y99_Dk4bf4LzvUNJSfxE9GDyFerdR9jkCVA3WO_X6RHDlcpv-FwA==

GET
H2

200

brand Show response
cse.google.com/coop/cse/
Redirect Chain

http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

3 KB
1 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:800::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Requested by

Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

pfe /

Resource Hash

4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 22:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: pfe
age: 697
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1181
x-xss-protection: 0
expires: Fri, 11 Oct 2019 23:22:10 GMT

Redirect headers

Date: Fri, 11 Oct 2019 23:03:47 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Type: text/html; charset=UTF-8
Location: https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Cache-Control: private
Content-Length: 266
X-XSS-Protection: 0

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 186 KB
56 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=b4457f12db9c9587eb24d99250157e7d&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

5c348e95318786d0c843ad66dbad69d3df6282a0b0bf115470a10ea0ca233b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://www.mysticscripts.com/
Origin: http://www.mysticscripts.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 56E8xpwF+YzapixVxNarnw==
status: 200
content-length: 56410
etag: "60c9a7cd5d3049d8bb7512a41b478dd1"
x-fb-debug: tvmcW+YvGSTIEFD6lMw6zw1RaWCm25vq/4mfj87CeN1uLx1Qu7luBfHOrM9yJNF9NJy6pZDtK5ZCqRDoKvkm1g==
x-fb-trip-id: 1035547483
x-fb-content-md5: b5d18a2690a597010fff565aa51f6026
x-frame-options: DENY
date: Fri, 11 Oct 2019 23:03:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sat, 10 Oct 2020 20:27:52 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/netalways-mysticscripts/ 71 KB
18 KB 202ms
196ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/netalways-mysticscripts/loader.js
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e18a1d50632994140a0148d0a9fef4c8e2cc20585aa788223bc831ca66147028

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: tTATQIvXuNaw00S0_eTy4FpQCSpP.ZKt
Content-Encoding: gzip
ETag: "064d8fc96cae85f290cae9b676cdf051"
Age: 0
X-Cache: HIT
Connection: keep-alive
Content-Length: 17543
x-amz-id-2: wqyMIB3R90wgip6vCC4IxEObRzXPK9kM95wPt44RL9yuTlYLT87JHzfTM7kTxgxKT998E87AxPc=
X-Served-By: cache-hhn4082-HHN
Last-Modified: Mon, 28 Jan 2019 11:09:42 GMT
Server: AmazonS3
X-Timer: S1570835028.785709,VS0,VE191
Date: Fri, 11 Oct 2019 23:03:47 GMT
Vary: Accept-Encoding
x-amz-request-id: 5FFDF64BE4A476F0
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 34
X-Cache-Hits: 1

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

5ms
5ms

Script
text/javascript

2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3448
date: Fri, 11 Oct 2019 22:06:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Sat, 12 Oct 2019 00:06:19 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK header-sprite.jpg
d1kiol0bszgfa4.cloudfront.net/images/all/ 17 KB
18 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/all/header-sprite.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d6d3ef77b6caa0b4a74b988aa96ced3b630ba3d733fcf327a827a3cc713305e

Request headers

Referer: http://d196idvv7qapsh.cloudfront.net/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 20:21:58 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Last-Modified: Thu, 16 Feb 2012 10:25:03 GMT
Server: AmazonS3
Age: 9710
ETag: "4a6bcad8c8901935165f0d13b240b183"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 17471
X-Amz-Cf-Id: D8UTeHTMygddzmiAUqsfX91xloVpq8VzyBmNNCU8eeNQy1agLUjDZg==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.mysticscripts.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Oct 2019 23:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mysticscripts.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Oct 2019 23:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/ 232 KB
86 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6df5a2fc07e8b543b7428df746cf2d2b79fc5e44eaa58a7e193edca54f3acf4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 23:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 87365
x-xss-protection: 0
server: cafe
etag: 4488748446277364222
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Oct 2019 23:03:47 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191003/r20190131/ Frame FDE4 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20191003/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20191003/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.mysticscripts.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.mysticscripts.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 10 Oct 2019 01:03:25 GMT
expires: Thu, 24 Oct 2019 01:03:25 GMT
content-type: text/html; charset=UTF-8
etag: 8648543205226238674
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7402
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 165622
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1783687189&utmhn=www.mysticscripts.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1783687189&utmhn=www.mysticscripts.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-431984-2&cid=1085818211.1570835028&jid=809282128&_v=5.7.2&z=1783687189

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-431984-2&cid=1085818211.1570835028&jid=809282128&_v=5.7.2&z=1783687189

Requested by

Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Oct 2019 23:03:47 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Oct 2019 23:03:47 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-431984-2&cid=1085818211.1570835028&jid=809282128&_v=5.7.2&z=1783687189
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 3AC8 0
0 7ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=b4457f12db9c9587eb24d99250157e7d&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.mysticscripts.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.mysticscripts.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 10 Oct 2020 19:43:33 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: 9NJGbVCIuE1hwo/mTpnoVQCfrLMQ89g9zANwwU7kZ4FnFUgAln0eCAXBvE+oAcIFmAEYw1+9iIzJcuHxeAGKig==
content-length: 11767
x-fb-trip-id: 1035547483
date: Fri, 11 Oct 2019 23:03:47 GMT

GET
H/1.1 200
OK bullet_arrow.gif
d1kiol0bszgfa4.cloudfront.net/images/menu/ 46 B
544 B 8ms
8ms Image
image/gif 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/menu/bullet_arrow.gif
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=b4457f12db9c9587eb24d99250157e7d&ua=modern_es6
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df0c1324bd3aec90da0583b3bdbfc10b844ba5a52df358d4210c17b424deee16

Request headers

Referer: http://d196idvv7qapsh.cloudfront.net/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 12:39:36 GMT
Server: AmazonS3
Age: 29
ETag: "e948fe4cc1ea440f79f32f6437586be8"
X-Cache: Hit from cloudfront
Content-Type: image/gif
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 46
X-Amz-Cf-Id: EqEOFMV_Nb3tsq7i0ONocrXGyugSOS4Jy4yT_ntho_CHCijYmpKqXg==

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame D592 0
0 46ms
46ms Document
text/html 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2996762700662197&output=html&adk=1812271804&adf=3025194257&lmt=1570835027&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.mysticscripts.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1570835027789&bpp=4&bdt=70&fdt=48&idt=48&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4137986182565&frm=20&pv=2&ga_vid=1085818211.1570835028&ga_sid=1570835028&ga_hid=1356428374&ga_fc=1&iag=0&icsg=33554600&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21064715&oid=3&pvsid=3321940019385461&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=58

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2996762700662197&output=html&adk=1812271804&adf=3025194257&lmt=1570835027&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.mysticscripts.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1570835027789&bpp=4&bdt=70&fdt=48&idt=48&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4137986182565&frm=20&pv=2&ga_vid=1085818211.1570835028&ga_sid=1570835028&ga_hid=1356428374&ga_fc=1&iag=0&icsg=33554600&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21064715&oid=3&pvsid=3321940019385461&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=58
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.mysticscripts.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.mysticscripts.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Oct 2019 23:03:47 GMT
server: cafe
content-length: 481
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 11-Oct-2019 23:18:47 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 11 Oct 2019 23:03:47 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
28 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

128869a25131fc642133dda16f4e88b723e1623e20234a39d260a1f0267c518f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 23:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1570792838566027"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
expires: Fri, 11 Oct 2019 23:03:47 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 77 KB
28 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3b03d6063e2cb999b26d8b954554ea4afb55b279e7c9930c3a8688c59e29bf69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 11 Oct 2019 23:03:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13616018585258236915
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 28222
X-XSS-Protection: 0
Expires: Fri, 11 Oct 2019 23:03:47 GMT

GET
H/1.1 200
OK astrology.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 12 KB
12 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/astrology.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 503d8793f390a9778c09553dbf06de584a2aedbd9054c4786de7005ae9b1b1a4

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:18 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:43 GMT
Server: AmazonS3
Age: 30
ETag: "d38519f2c064d0a19278132b91327d9a"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 11810
X-Amz-Cf-Id: TsjVXazJaSvnZdhBzlMh1td_1kHEtc5gpl9I6uSHZYoUaCXJ3K8e3w==

GET
H/1.1 200
OK numerology.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 11 KB
12 KB 11ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/numerology.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61433fd9f1ef2b6b9731c444c33b9a68682590f5cce1a3e7c44ed1d4c486828c

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:51 GMT
Server: AmazonS3
Age: 29
ETag: "9db4041e9dbcfd9ab4dbbd5ca7889199"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 11532
X-Amz-Cf-Id: 0GG1954RUkiGJ1a2N50INxugJGIpKltws1WV4yGdURwUMX8QFdfeMA==

GET
H/1.1 200
OK tarot.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 9 KB
10 KB 12ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/tarot.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2c156a207a283ff5e1416a007e10ce78cf8b87da41d1057f736c9c217c5fa94

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:54 GMT
Server: AmazonS3
Age: 29
ETag: "23b91a5e4ca8d57e65b8d189253e2a48"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 9505
X-Amz-Cf-Id: l3dluBbGhilqhOkKa6WtHkw2YyXDTcOz91JeCwiDi3d9tI5PrUT5UA==

GET
H/1.1 200
OK psychic.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 6 KB
7 KB 12ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/psychic.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16fe6767f25fa778cdaecb5b5af7d97020077e47a74cd6f48c294f728e18c938

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:54 GMT
Server: AmazonS3
Age: 29
ETag: "3cec15c408b4f8f89dc4c9ac50b158f5"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 6265
X-Amz-Cf-Id: T4O-h7BKd7AOV3faV1kMB1vf8_s1M-9FieWUYuHoFDuHhNI8qOeaXg==

GET
H/1.1 200
OK angel.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 7 KB
7 KB 12ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/angel.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63866f896fcaec7e309227dc08dd168aec05ccc6957e066d24d663bbc95b3f2f

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:43 GMT
Server: AmazonS3
Age: 29
ETag: "f5e390d70077b9aef5d48b7eda84180b"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 6978
X-Amz-Cf-Id: 3fhQIef64Bd1OcTZLJIDJfV1SWIaXyaSLlw896PPvkKr2YUPZZOU4Q==

GET
H/1.1 200
OK biorhythm.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 10 KB
11 KB 12ms
7ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/biorhythm.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dfcd6f70642236e269d6bef2981132d93d19c12b5dda5866f5e0c8c401734bd8

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:44 GMT
Server: AmazonS3
Age: 29
ETag: "c16210e29f77ef3c03da9d7008a0eec4"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 10570
X-Amz-Cf-Id: A5A3dGeervztYbQ0qvP4BvxtFE-LrA8tduf249yVPiOnG_Lazzmhiw==

GET
H/1.1 200
OK chakras.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 13 KB
13 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/chakras.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ba5feaa75d8a226b3b2ff00bae76186db20d3b1709f0523715c0471f8620ca7

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:43 GMT
Server: AmazonS3
Age: 29
ETag: "025158cde8096a3adc48522a5c314f30"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 13215
X-Amz-Cf-Id: k4_KVcIphQsaTtDjx4BVXUUjSZgzB5U5JwmSjIN4Wra1juy21gRh8w==

GET
H/1.1 200
OK compatibility.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 13 KB
14 KB 7ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/compatibility.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88a50401236c3ccaeaa3a9b0c8bbd1b6669538c9fcb4b581a3fc45dd28cca2fe

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:44 GMT
Server: AmazonS3
Age: 29
ETag: "bbedb5965037ea9a00681d9ef5f5c4be"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 13710
X-Amz-Cf-Id: VrlxYIqBuM1Ajm2_eNab-h_Gj9ViRN_fp1zt-LOHFJAof3ddW8Vlrw==

GET
H/1.1 200
OK daily-horoscope.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 10 KB
10 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/daily-horoscope.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a190e3d05879d928bef6696c718001b875879f13f04483ee5421ff63cb39b0f

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:43 GMT
Server: AmazonS3
Age: 29
ETag: "b03ffdcaa903e147c645684d2808077a"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 9933
X-Amz-Cf-Id: EpT7YCWzxP7iLyGbAAX5PdPQCXwAe-pz3nlx7Y7ldJ5FS7yepX_qdQ==

GET
H/1.1 200
OK dictionary.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 11 KB
12 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/dictionary.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97bc41c7a3e7fecc705824df9c41db03ba881633c7287ad2d7b373fdd7660ad1

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:44 GMT
Server: AmazonS3
Age: 29
ETag: "c7caae767c59c541c484a47958b2d054"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 11547
X-Amz-Cf-Id: AU5M-Jc975eimRQ6hTlBtYLb0E0MWsz2aJF9OcKoiNjRdLxKIufW9Q==

GET
H/1.1 200
OK divination.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 9 KB
9 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/divination.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19ac5db7697b34fba6371e212f847bdabdff46de195d80e57bce46bc803e4ea6

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:47 GMT
Server: AmazonS3
Age: 29
ETag: "46ff8e74253ae21bcdcf5c1ecd39e583"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 9039
X-Amz-Cf-Id: lnLvcKqSFnLF_qX_tFmDDkE3A9_cVgZJhQZUSZZSpmG3O5jf-0ssaQ==

GET
H/1.1 200
OK dreams.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 9 KB
9 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/dreams.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bde176ead20d7764cec583383728f6e146648f49944274078741b02e05a7b28d

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:47 GMT
Server: AmazonS3
Age: 29
ETag: "b0cd019f50d4eb49d0040eb00a6bb528"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 8820
X-Amz-Cf-Id: sbgkVhn7TXvqRDUclHMRQeHvHUHdd5QGG1NXKbv-fmCddoavqOzYag==

GET
H/1.1 200
OK feng-shui.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 9 KB
9 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/feng-shui.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60e9a66023ecc9ce6827f102fab376ce7335d6fbb0cbcc5d67b983a8c94f3e82

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:47 GMT
Server: AmazonS3
Age: 29
ETag: "aea12017790da30cb76f749e22dd357a"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 8788
X-Amz-Cf-Id: 2indmFpj6BkVah9LIb8naNQ3lGe7iVqyjFtlqqYHZbnlm9iOtrWj3Q==

GET
H/1.1 200
OK gemology.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 8 KB
9 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/gemology.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b14879fbb80093aa13c2b196e942b6b00312f14d652ef4c4f58721b2cbbe9b41

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:47 GMT
Server: AmazonS3
Age: 29
ETag: "44d6c3d297b7b910a81b53053b96eeb7"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 8548
X-Amz-Cf-Id: d0D4OaHXQ-afHA3HeJFatfLtKxo0V9J2Ql-UMmv93AgHUPTgeszk9g==

GET
H/1.1 200
OK health.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 11 KB
11 KB 7ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/health.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: deada158e32db61e67ff19b0180dfdccd4280784e9513d5401333f1ffde4c895

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:47 GMT
Server: AmazonS3
Age: 29
ETag: "7285fe6c347ffc8b0de47ac6a20a8f0b"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 10955
X-Amz-Cf-Id: tmXaEAFvpyi9SnooH4lYE2jsgki-ripeVxXEr8nLWvPdMmsz6DTozw==

GET
H/1.1 200
OK i-ching.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 9 KB
9 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/i-ching.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06d3d5dc16545b786b4b08ab24fbd74bfcb6221b29d176d468932f45c01cc4fa

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:47 GMT
Server: AmazonS3
Age: 29
ETag: "63a4381860f23687cb48811cbe951629"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 8978
X-Amz-Cf-Id: cHz8UpZVlBpVXMJE1twkIIh-yTb5AHzRCUWbWG3GgTCTNOa6_we7vg==

GET
H/1.1 200
OK kabbalah.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 9 KB
9 KB 7ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/kabbalah.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8440a4e8781fa8a807acab15a098fea4ad89627b4388d09ce003f2b671534b84

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:47 GMT
Server: AmazonS3
Age: 29
ETag: "03b8030f1a8a26621ea5a0c383d28a61"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 8755
X-Amz-Cf-Id: FFx6CXKpsK6OaMT0tQmRv_SmfJJ2dSGB4sJIw54nkmWk1bZX2DMS3g==

GET
H/1.1 200
OK learning-tools.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 7 KB
8 KB 7ms
7ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/learning-tools.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4a442b695fab78b34de93b5b13217d8d4af8225dc164869731e961ed56b6e39

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:48 GMT
Server: AmazonS3
Age: 29
ETag: "d43320da20051c921d12fdc9098932dd"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 7647
X-Amz-Cf-Id: X95gsMKF-XuUufij_rM_7f9Tg2bNEGTD2scqy5eNxlLlqEP4TRnSrA==

GET
H/1.1 200
OK magick.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 7 KB
7 KB 7ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/magick.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 641b262b3894554ea092241f2ece57eec60fab9616f38db4f4ee40ddff859791

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:51 GMT
Server: AmazonS3
Age: 29
ETag: "e6ea8416ff4dcedf9cf43a538b9d0f7b"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 6995
X-Amz-Cf-Id: G8jnjPjuUMH8XDoZrGMWWVJPY2pHjeoix5jcvKCaNgCm_UGC0AMIAQ==

GET
H/1.1 200
OK miscellaneous.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 5 KB
5 KB 7ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/miscellaneous.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed015b2c66dea750a8d39a72be12cdd2f64cf4880e05097b2bbec64d89c293a2

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:50 GMT
Server: AmazonS3
Age: 29
ETag: "e55194799b6fa9a70f58ca1458c24416"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 5076
X-Amz-Cf-Id: 4XrBtxB_nVJe6o0qdda5NIWxIeWRA70DpVTmrTsDfaOhrqipecVsuw==

GET
H/1.1 200
OK oracle.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 10 KB
10 KB 7ms
7ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/oracle.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e56cb5c62408fa7c11ac1d502bb5f6ee6247d02c6b6a3dbfe459b420d48184e

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:51 GMT
Server: AmazonS3
Age: 29
ETag: "c9added2adeec3e393443c9b53baadde"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 10003
X-Amz-Cf-Id: fhAq2jbE2-7IfXGeog2Jt0zEVj2DNx72Z0zS497S8xOpHyQnPhRODw==

GET
H/1.1 200
OK pagan.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 10 KB
10 KB 7ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/pagan.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd770be1596d769ff72b69804247896a362fddb4a75e80b8fada31e1dee73b2a

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:51 GMT
Server: AmazonS3
Age: 29
ETag: "5e9fa0cc69803e78ef77f54ac6993b99"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 9795
X-Amz-Cf-Id: NWPi0BgDSyOI82aoo3z5JUCKP76pf5ThxyUOHD0ecyySRq-d6m2fsw==

GET
H/1.1 200
OK palmistry.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 8 KB
9 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/palmistry.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cae18b5991e40c49d2c98658f736b53a4ac2d6b7082e830c04831b5dea300ee1

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:51 GMT
Server: AmazonS3
Age: 29
ETag: "62660009478745a747e7d9066fe4898f"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 8291
X-Amz-Cf-Id: dmqFgE6VBKUVn0PXQsEA1QCui8kN2hq-727gtV5sDcxNi17i_zMSbQ==

GET
H/1.1 200
OK personality-test.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 9 KB
9 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/personality-test.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6af37d7d95d59b5f717469606e09bff1f1e8b2b35b6a617f3766f4021438567f

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:51 GMT
Server: AmazonS3
Age: 29
ETag: "9a320a66464c664af9e6ed0ab398a875"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 9154
X-Amz-Cf-Id: Dj2WBx4Ykl7dxPZxpMdADfCQFAH4q3g5a8XeIteDo1ENwBQkwFn-Eg==

GET
H/1.1 200
OK runes.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 9 KB
10 KB 8ms
8ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/runes.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf98cbceff27ae55a4cdce2505deba698bdd02c641e253071f50e7b70fdbb3cf

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:54 GMT
Server: AmazonS3
Age: 29
ETag: "00b37ced02ee36cbcf2fc7db83d997d6"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 9280
X-Amz-Cf-Id: 5c1hHA-UwLDtWZq0T826phwZnwgUkvZ-UtzeeZn9Q_0zfQmfR6mrXw==

GET
H/1.1 200
OK sabian.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 9 KB
9 KB 7ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/sabian.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e077416dfb990dec48a19c07cd70496ec18549ce086a68a8edd2faac475cbea

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:54 GMT
Server: AmazonS3
Age: 29
ETag: "59c06b6280f8509c731a1475806146ac"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 8810
X-Amz-Cf-Id: qgXgOiLiN7VXs_pz-I2ZtppgED8sdvWTDBiYOolnrZ5a3qkEXPC2aw==

GET
H/1.1 200
OK self-help.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 7 KB
8 KB 7ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/self-help.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7af9a1d204d9b6b9bbc472315d9f403179eb2afa2c72aa647de7a76a92c63ae8

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:54 GMT
Server: AmazonS3
Age: 29
ETag: "74dc1aed59df6e65940ca5bac1b5cc75"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 7654
X-Amz-Cf-Id: i4xHbsKtjD4WXIXFbOGDKBlLr78yluEGJAG-KS3fWMH04QZTuVxxDQ==

GET
H/1.1 200
OK zodiac.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 10 KB
11 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/zodiac.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09d2e3c7629609496e32701a4620daaa4f1f11f3f8bfb03f9a7ebf88ae3dec9e

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:08:54 GMT
Server: AmazonS3
Age: 29
ETag: "80f299b5a3a6be2c968112599348bde2"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 10526
X-Amz-Cf-Id: fFdR6xEJueC7NKCgvr1V48oKl0J6uTZV_FVACrpcYfxG8jwUkMfJFw==

GET
H/1.1 403
Forbidden 2014.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 0
0 145ms
145ms Image
application/xml 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/2014.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK search-res.js.php Show response
www.mysticscripts.com/javascript/ 58 KB
58 KB 169ms
169ms Script
text/html 104.237.52.106
WebNX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.mysticscripts.com/javascript/search-res.js.php
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 104.237.52.106 Los Angeles, United States, ASN18450 (WEBNX - WebNX, Inc., US),
Reverse DNS: 104-237-52-106.static.webnx.com
Software: Apache /
Resource Hash: 6369f1738febaf65e96df11d470b745b5a918972e346915d0649944326fba4e5

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:47 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8622 0
0 220ms
219ms Document
text/html 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2996762700662197&output=html&h=90&slotname=4482529471&adk=650422465&adf=3018247092&w=728&lmt=1570835027&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.mysticscripts.com%2F&flash=0&wgl=1&adsid=NT&dt=1570835027876&bpp=6&bdt=158&fdt=7&idt=7&shv=r20191003&cbv=r20190131&saldr=sa&abxe=1&prev_fmts=0x0&nras=1&correlator=4137986182565&frm=20&pv=1&ga_vid=1085818211.1570835028&ga_sid=1570835028&ga_hid=1356428374&ga_fc=1&iag=0&icsg=671089314&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=306&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21064715&oid=3&pvsid=3321940019385461&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=RR7Bo8GnJM&p=http%3A//www.mysticscripts.com&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2996762700662197&output=html&h=90&slotname=4482529471&adk=650422465&adf=3018247092&w=728&lmt=1570835027&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.mysticscripts.com%2F&flash=0&wgl=1&adsid=NT&dt=1570835027876&bpp=6&bdt=158&fdt=7&idt=7&shv=r20191003&cbv=r20190131&saldr=sa&abxe=1&prev_fmts=0x0&nras=1&correlator=4137986182565&frm=20&pv=1&ga_vid=1085818211.1570835028&ga_sid=1570835028&ga_hid=1356428374&ga_fc=1&iag=0&icsg=671089314&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=306&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21064715&oid=3&pvsid=3321940019385461&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=RR7Bo8GnJM&p=http%3A//www.mysticscripts.com&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.mysticscripts.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.mysticscripts.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Oct 2019 23:03:48 GMT
server: cafe
content-length: 20067
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 11-Oct-2019 23:18:47 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 11 Oct 2019 23:03:48 GMT
cache-control: private

GET
H2

200

likebox.php
www.facebook.com/plugins/ Frame 59EF
Redirect Chain

http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FMystic-Scripts%2F142532412485701&width=160&colorscheme=dark&show_faces=true&stream=false&header=true&height=400
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FMystic-Scripts%2F142532412485701&width=160&colorscheme=dark&show_faces=true&stream=false&header=true&height...

0
0

60ms
48ms

Document
text/html

2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FMystic-Scripts%2F142532412485701&width=160&colorscheme=dark&show_faces=true&stream=false&header=true&height=400

Requested by

Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FMystic-Scripts%2F142532412485701&width=160&colorscheme=dark&show_faces=true&stream=false&header=true&height=400
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.mysticscripts.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.mysticscripts.com/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 72poYJH0RSq4dahhR/mhQmPBEGUnPsO4GgBt90FIijo7pic2AhaC0ppfioeOl//oJKy0ZQkDpwwm/uFPRlzU6g==
date: Fri, 11 Oct 2019 23:03:47 GMT

Redirect headers

Location: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FMystic-Scripts%2F142532412485701&width=160&colorscheme=dark&show_faces=true&stream=false&header=true&height=400
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK product_frame_box.jpg
d1kiol0bszgfa4.cloudfront.net/images/productimages/ 862 B
1 KB 6ms
6ms Image
image/jpeg 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/productimages/product_frame_box.jpg
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e43275a5a7d56d36651b50415477016ac7c38fa105dea1ef9dc16800703bb25

Request headers

Referer: http://d196idvv7qapsh.cloudfront.net/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:19 GMT
Via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 14:21:43 GMT
Server: AmazonS3
Age: 29
ETag: "cc5bb44c6f0c48dd900132150190741e"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 862
X-Amz-Cf-Id: KfyiAorCnLeLDsuAGSx8X3nFXWpGV6n15PwLWkIewaBUBD6mCzCeqA==

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame C0B2 0
0 212ms
212ms Document
text/html 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2996762700662197&output=html&h=600&slotname=8827347983&adk=3255493761&adf=3803152997&w=160&lmt=1570835027&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.mysticscripts.com%2F&flash=0&wgl=1&adsid=NT&dt=1570835027904&bpp=5&bdt=186&fdt=5&idt=5&shv=r20191003&cbv=r20190131&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=4482529471&nras=1&correlator=4137986182565&frm=20&pv=1&ga_vid=1085818211.1570835028&ga_sid=1570835028&ga_hid=1356428374&ga_fc=1&iag=0&icsg=2684357258&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1084&ady=1221&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21064715&oid=3&pvsid=3321940019385461&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ssx4tRNmHM&p=http%3A//www.mysticscripts.com&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2996762700662197&output=html&h=600&slotname=8827347983&adk=3255493761&adf=3803152997&w=160&lmt=1570835027&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.mysticscripts.com%2F&flash=0&wgl=1&adsid=NT&dt=1570835027904&bpp=5&bdt=186&fdt=5&idt=5&shv=r20191003&cbv=r20190131&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=4482529471&nras=1&correlator=4137986182565&frm=20&pv=1&ga_vid=1085818211.1570835028&ga_sid=1570835028&ga_hid=1356428374&ga_fc=1&iag=0&icsg=2684357258&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1084&ady=1221&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21064715&oid=3&pvsid=3321940019385461&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ssx4tRNmHM&p=http%3A//www.mysticscripts.com&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.mysticscripts.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.mysticscripts.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Oct 2019 23:03:48 GMT
server: cafe
content-length: 4429
x-xss-protection: 0
set-cookie: IDE=AHWqTUln6bHGowwh_ohoOkX80x6OWTSsxfmV3W1QHgX5abkTIsv5oEDao-w1n7Fz; expires=Wed, 04-Nov-2020 23:03:47 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 11 Oct 2019 23:03:48 GMT
cache-control: private

GET
H2 200 plusone.js Show response
apis.google.com/js/ 43 KB
17 KB 67ms
54ms Script
application/javascript 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d996e8927ae45383450bd8314f8bc89259a528aaa698231fe91d2295872d0496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 23:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-U048Ezf1m8p37x9JrZXrGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "deb3e7b226abe725b3606240ebb6abf7"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Fri, 11 Oct 2019 23:03:47 GMT

GET
H/1.1 200
OK impl.343-11-RELEASE.js Show response
cdn.taboola.com/libtrc/ 367 KB
104 KB 6ms
6ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/impl.343-11-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/netalways-mysticscripts/loader.js
Protocol: HTTP/1.1
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cfe33591c80e81705a8b867b97e48bbffd5b5a2ff97aa1b879595017acb3814

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: ENDG3tRfBDoYX5doDQXUVnap1nq6F.Uw
Content-Encoding: gzip
ETag: "9b6361f7ca9b07f7c3b72dd30a62c47c"
Age: 55
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 105541
x-amz-id-2: nX47sVFWrRQ3kdiJKlGyUMwaYqaGDkk8uXiEh9/q6DWKSjc/YwDbhR+gn1nqAYCTMr21lhQArsU=
X-Served-By: cache-hhn4082-HHN
Last-Modified: Tue, 29 Jan 2019 21:25:10 GMT
Server: AmazonS3
X-Timer: S1570835028.990781,VS0,VE1
Date: Fri, 11 Oct 2019 23:03:47 GMT
Vary: Accept-Encoding
x-amz-request-id: C7312BBFCF4B1648
Via: 1.1 varnish
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 62
X-Cache-Hits: 1

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 12ms
6ms Script
application/x-javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/netalways-mysticscripts/loader.js
Protocol: HTTP/1.1
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Sat, 12 Oct 2019 23:03:48 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/ 139 KB
49 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

aef6eeb769cc25d6f1776c5f7e97aef03258c9b5362d72f0d7955633eadf8f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 19:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Oct 2019 16:14:40 GMT
server: sffe
age: 12165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 49966
x-xss-protection: 0
expires: Sat, 10 Oct 2020 19:41:02 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/ 95 KB
34 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

89b08196df1c9027e73d60d6d0a45a8684b186563984c2a6f71af3acc7ba01cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 12:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Oct 2019 16:14:40 GMT
server: sffe
age: 210252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 34215
x-xss-protection: 0
expires: Thu, 08 Oct 2020 12:39:35 GMT

GET
H2 404 fastbutton
apis.google.com/se/0/_/+1/ Frame F0E0 0
0 27ms
26ms Document
text/html 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=small&annotation=inline&width=240&origin=http%3A%2F%2Fwww.mysticscripts.com&url=http%3A%2F%2Fwww.mysticscripts.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ysvV9EtEi0w.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=small&annotation=inline&width=240&origin=http%3A%2F%2Fwww.mysticscripts.com&url=http%3A%2F%2Fwww.mysticscripts.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ysvV9EtEi0w.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.mysticscripts.com/
accept-encoding: gzip, deflate, br
cookie: NID=189=UmKXSBBthdv3jVAikAdTYOftyTEEjsVaYc21Fuuqhe0TrvtZQoRjgw6LzLmccEy4DKF2BpRSIdzM3TgNGeWn-5kFCNao4rxHZwh_XFL03321SO3eC_h3tkmghDrKtkit7WKvx9gl3j--EYzKGznp7Eev6kAfexjotTF8y1k2vOI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.mysticscripts.com/

Response headers

status: 404
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Oct 2019 23:03:48 GMT
content-security-policy-report-only: script-src 'report-sample' 'nonce-Zknoa3NhXfTd0FqppWh5qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1570835028002&ns_c=windows-1252&cv=3.1&c8=Mystic%20Scripts%20-%20Free%20Astrology%2C%20Numerology%2C%20Psychic%2C%20Tarot%20Re...
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1570835028002&ns_c=windows-1252&cv=3.1&c8=Mystic%20Scripts%20-%20Free%20Astrology%2C%20Numerology%2C%20Psychic%2C%20Tarot%20R...

0
248 B

6ms
6ms

Image
text/plain

2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1570835028002&ns_c=windows-1252&cv=3.1&c8=Mystic%20Scripts%20-%20Free%20Astrology%2C%20Numerology%2C%20Psychic%2C%20Tarot%20Readings!&c7=http%3A%2F%2Fwww.mysticscripts.com%2F&c9=
Requested by: Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/
Protocol: HTTP/1.1
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Oct 2019 23:03:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1570835028002&ns_c=windows-1252&cv=3.1&c8=Mystic%20Scripts%20-%20Free%20Astrology%2C%20Numerology%2C%20Psychic%2C%20Tarot%20Readings!&c7=http%3A%2F%2Fwww.mysticscripts.com%2F&c9=
Pragma: no-cache
Date: Fri, 11 Oct 2019 23:03:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame E7FA 0
0 55ms
43ms Document
text/html 2a00:1450:4001:816::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.mysticscripts.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ysvV9EtEi0w.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ysvV9EtEi0w.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OubwG9pQc5kRWy2JpEtFSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.mysticscripts.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ysvV9EtEi0w.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCMcYZL5zQsWyujyfqZUWUukFuVxmQ%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.mysticscripts.com/
accept-encoding: gzip, deflate, br
cookie: NID=189=UmKXSBBthdv3jVAikAdTYOftyTEEjsVaYc21Fuuqhe0TrvtZQoRjgw6LzLmccEy4DKF2BpRSIdzM3TgNGeWn-5kFCNao4rxHZwh_XFL03321SO3eC_h3tkmghDrKtkit7WKvx9gl3j--EYzKGznp7Eev6kAfexjotTF8y1k2vOI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.mysticscripts.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Oct 2019 23:03:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-OubwG9pQc5kRWy2JpEtFSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK footer_bg.png
d1kiol0bszgfa4.cloudfront.net/images/footer/ 101 KB
102 KB 7ms
6ms Image
image/png 13.224.197.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1kiol0bszgfa4.cloudfront.net/images/footer/footer_bg.png
Requested by: Host: d1mrqj0z3ckrq2.cloudfront.net
URL: http://d1mrqj0z3ckrq2.cloudfront.net/jquery.min.js
Protocol: HTTP/1.1
Server: 13.224.197.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34b9effb0c59cfc49442ab45b7ca9f1d3316edbeaf063cd64af67ae4127c5219

Request headers

Referer: http://d196idvv7qapsh.cloudfront.net/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 17:59:38 GMT
Via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Feb 2012 12:39:34 GMT
Server: AmazonS3
Age: 17929
ETag: "e3f0dd2efd8c297192f3d7a141847f02"
X-Cache: Hit from cloudfront
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 103861
X-Amz-Cf-Id: HHJiILRBZP1BMltbGFHHB2a2WLGUPuRwB_0N-YchsXjyAd_Cu_miLg==

GET
H/1.1 200
OK widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html
platform.twitter.com/widgets/ Frame E572 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html?origin=http%3A%2F%2Fwww.mysticscripts.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40EB) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://www.mysticscripts.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.mysticscripts.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 11 Oct 2019 23:04:26 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Wed, 02 Oct 2019 20:21:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40EB)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 532E 0
0 62ms
62ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df48b539fc49b2c%26domain%3Dwww.mysticscripts.com%26origin%3Dhttp%253A%252F%252Fwww.mysticscripts.com%252Ff1b3b325f7aaf9%26relation%3Dparent.parent&container_width=0&font=tahoma&href=http%3A%2F%2Fwww.facebook.com%2Fmysticscripts&locale=en_US&sdk=joey&send=false&show_faces=false&width=240

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=b4457f12db9c9587eb24d99250157e7d&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df48b539fc49b2c%26domain%3Dwww.mysticscripts.com%26origin%3Dhttp%253A%252F%252Fwww.mysticscripts.com%252Ff1b3b325f7aaf9%26relation%3Dparent.parent&container_width=0&font=tahoma&href=http%3A%2F%2Fwww.facebook.com%2Fmysticscripts&locale=en_US&sdk=joey&send=false&show_faces=false&width=240
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.mysticscripts.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.mysticscripts.com/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: HXX/23DEVxe0Dn5OusOHncZvI8EGGgffxK9o7JkVTs/N76Pdy8p3vfoiRQWjf019hsbGVSM9bQ7pLhMrNXOf3g==
date: Fri, 11 Oct 2019 23:03:48 GMT

GET
H/1.1 200
OK button.d941c9a422e2e3faf474b82a1f39e936.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.d941c9a422e2e3faf474b82a1f39e936.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41D7) /
Resource Hash: a05cb65ecfe9bb5ef6968b5cc9099d50cd8401c1aa73df4c214fee47018c4d12

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 11 Oct 2019 23:03:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 20:21:39 GMT
Server: ECS (fcn/41D7)
Etag: "89c7a09d87bdc0f1b87105d8f841b83e+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2296

GET
H/1.1 200
OK follow_button.e3a0e1b01ae601b6c9cf798a93ab7e69.en.html
platform.twitter.com/widgets/ Frame E4FC 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.e3a0e1b01ae601b6c9cf798a93ab7e69.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D9) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://www.mysticscripts.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.mysticscripts.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 11 Oct 2019 23:03:48 GMT
Etag: "96df00870d2a176af27dc50d52365f60+gzip"
Last-Modified: Wed, 02 Oct 2019 20:21:41 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40D9)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 13673

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
121 B 128ms
128ms Image
image/gif 104.244.42.72
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.mysticscripts.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1570835028365%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22708eecd%3A1570046592825%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.mysticscripts.com
URL: http://www.mysticscripts.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 23:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 121
pragma: no-cache
last-modified: Fri, 11 Oct 2019 23:03:48 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8b57e92d9c72108ac3cdaedab1193061
x-transaction: 00a2893500c4f886
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1565277585&utmhn=www.mysticscripts.com&utmt=event&utme=5(Time*Log*0%3A10)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=...
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1565277585&utmhn=www.mysticscripts.com&utmt=event&utme=5(Time*Log*0%3A10)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc...

35 B
132 B

6ms
5ms

Image
image/gif

2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1565277585&utmhn=www.mysticscripts.com&utmt=event&utme=5(Time*Log*0%3A10)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mystic%20Scripts%20-%20Free%20Astrology%2C%20Numerology%2C%20Psychic%2C%20Tarot%20Readings!&utmhid=1356428374&utmr=-&utmp=%2F&utmht=1570835038186&utmac=UA-431984-2&utmcc=__utma%3D241774110.1085818211.1570835028.1570835028.1570835028.1%3B%2B__utmz%3D241774110.1570835028.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6AAAAAAAAAAAAAAAAAQAAAgE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.mysticscripts.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Oct 2019 15:34:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26943
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1565277585&utmhn=www.mysticscripts.com&utmt=event&utme=5(Time*Log*0%3A10)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mystic%20Scripts%20-%20Free%20Astrology%2C%20Numerology%2C%20Psychic%2C%20Tarot%20Readings!&utmhid=1356428374&utmr=-&utmp=%2F&utmht=1570835038186&utmac=UA-431984-2&utmcc=__utma%3D241774110.1085818211.1570835028.1570835028.1570835028.1%3B%2B__utmz%3D241774110.1570835028.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6AAAAAAAAAAAAAAAAAQAAAgE~
Non-Authoritative-Reason: HSTS

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 06:30:11	Name: 8lcfmzhxc8d6_uid Value: a568d4d7242d4b9d
.zanox.com/	1970-01-19 06:30:11	Name: zptpvc Value: 5C56837S2617875833985387520T0II5C13163S2617875833985387520T0II45475836C0SV1yq00858458027929345753764036594261yb5yb7T2617875833985387520
.doubleclick.net/	1970-01-19 13:42:11	Name: IDE Value: AHWqTUln6bHGowwh_ohoOkX80x6OWTSsxfmV3W1QHgX5abkTIsv5oEDao-w1n7Fz
.mysticscripts.com/	1970-01-19 04:20:36	Name: __utmb Value: 241774110.1.10.1570835028
.mysticscripts.com/	1970-01-19 08:43:23	Name: __utmz Value: 241774110.1570835028.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.mysticscripts.com/	1970-01-19 04:20:35	Name: __utmt Value: 1
.mysticscripts.com/	1969-12-31 23:59:59	Name: __utmc Value: 241774110
.congstar.de/	1970-01-19 04:30:39	Name: staticentry Value: %7B%22zxid%22%3A%2245749447C1551011213SV1yq00858458027929345753764036594261yb5yb7T2617875834014776320%22%2C%22zUserID%22%3A%22992431%22%7D
.zanox.com/	1969-12-31 23:59:59	Name: zttpvc Value: 5C56837S2617875833985387520T0II5C13163S2617875833985387520T0II45475836C0SV1yq00858458027929345753764036594261yb5yb7T2617875833985387520
.google.com/	1970-01-19 08:44:06	Name: NID Value: 189=UmKXSBBthdv3jVAikAdTYOftyTEEjsVaYc21Fuuqhe0TrvtZQoRjgw6LzLmccEy4DKF2BpRSIdzM3TgNGeWn-5kFCNao4rxHZwh_XFL03321SO3eC_h3tkmghDrKtkit7WKvx9gl3j--EYzKGznp7Eev6kAfexjotTF8y1k2vOI
.doubleclick.net/	1970-01-19 04:20:38	Name: DSID Value: NO_DATA
.mysticscripts.com/	1970-01-19 21:51:47	Name: __utma Value: 241774110.1085818211.1570835028.1570835028.1570835028.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
b.scorecardresearch.com
cdn.taboola.com
connect.facebook.net
cse.google.com
d196idvv7qapsh.cloudfront.net
d1kiol0bszgfa4.cloudfront.net
d1mrqj0z3ckrq2.cloudfront.net
googleads.g.doubleclick.net
lodha.org
pagead2.googlesyndication.com
platform.twitter.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.mysticscripts.com
104.237.52.106
104.244.42.72
13.224.197.110
13.224.197.191
151.101.114.2
2.16.186.80
204.11.58.194
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:800::2002
2a00:1450:4001:800::200e
2a00:1450:4001:814::2002
2a00:1450:4001:815::200e
2a00:1450:4001:816::200d
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::200e
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
54.192.94.173
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06d3d5dc16545b786b4b08ab24fbd74bfcb6221b29d176d468932f45c01cc4fa
09d2e3c7629609496e32701a4620daaa4f1f11f3f8bfb03f9a7ebf88ae3dec9e
0fd4085b6a9cd540ac00761e9ee893847cc65a678c847e1210d4d3737354ab0c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
128869a25131fc642133dda16f4e88b723e1623e20234a39d260a1f0267c518f
16fe6767f25fa778cdaecb5b5af7d97020077e47a74cd6f48c294f728e18c938
19ac5db7697b34fba6371e212f847bdabdff46de195d80e57bce46bc803e4ea6
34b9effb0c59cfc49442ab45b7ca9f1d3316edbeaf063cd64af67ae4127c5219
36c99f223d6d9405832934741164b981ba44c98153a8795cf8de10cad5777ad1
3b03d6063e2cb999b26d8b954554ea4afb55b279e7c9930c3a8688c59e29bf69
49195b83079a639e6aca36da505fc42048d1e7a906acce69a3a61df3acd8b2d1
4a190e3d05879d928bef6696c718001b875879f13f04483ee5421ff63cb39b0f
4e43275a5a7d56d36651b50415477016ac7c38fa105dea1ef9dc16800703bb25
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
503d8793f390a9778c09553dbf06de584a2aedbd9054c4786de7005ae9b1b1a4
5ba5feaa75d8a226b3b2ff00bae76186db20d3b1709f0523715c0471f8620ca7
5c348e95318786d0c843ad66dbad69d3df6282a0b0bf115470a10ea0ca233b7a
5cfe33591c80e81705a8b867b97e48bbffd5b5a2ff97aa1b879595017acb3814
5d6d3ef77b6caa0b4a74b988aa96ced3b630ba3d733fcf327a827a3cc713305e
60e9a66023ecc9ce6827f102fab376ce7335d6fbb0cbcc5d67b983a8c94f3e82
61433fd9f1ef2b6b9731c444c33b9a68682590f5cce1a3e7c44ed1d4c486828c
6369f1738febaf65e96df11d470b745b5a918972e346915d0649944326fba4e5
63866f896fcaec7e309227dc08dd168aec05ccc6957e066d24d663bbc95b3f2f
641b262b3894554ea092241f2ece57eec60fab9616f38db4f4ee40ddff859791
6af37d7d95d59b5f717469606e09bff1f1e8b2b35b6a617f3766f4021438567f
6df5a2fc07e8b543b7428df746cf2d2b79fc5e44eaa58a7e193edca54f3acf4e
7612d8d8f05c10b247da37cb1d6a88faf42c420ca13c92539a9518b4a8207120
7af9a1d204d9b6b9bbc472315d9f403179eb2afa2c72aa647de7a76a92c63ae8
7e077416dfb990dec48a19c07cd70496ec18549ce086a68a8edd2faac475cbea
7e56cb5c62408fa7c11ac1d502bb5f6ee6247d02c6b6a3dbfe459b420d48184e
7fa9d325558a8c877fe52b509a8dce8cd63107f08617fb9f8e3247be5885df81
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8440a4e8781fa8a807acab15a098fea4ad89627b4388d09ce003f2b671534b84
88a50401236c3ccaeaa3a9b0c8bbd1b6669538c9fcb4b581a3fc45dd28cca2fe
89b08196df1c9027e73d60d6d0a45a8684b186563984c2a6f71af3acc7ba01cc
9045df73f3f1dbc7ef5bd4046c4e684f1e23f2978032f661d18cef84debb99b1
90476f48e0b8a9f9c5c11fd16f13fc6a8772fe281d12c8e63153a6f948cdd348
97bc41c7a3e7fecc705824df9c41db03ba881633c7287ad2d7b373fdd7660ad1
a05cb65ecfe9bb5ef6968b5cc9099d50cd8401c1aa73df4c214fee47018c4d12
ac68d5631532ee5ecaf3d04dde2047df833f652e52482704a9cf3b9ca2a00994
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aef6eeb769cc25d6f1776c5f7e97aef03258c9b5362d72f0d7955633eadf8f09
b14879fbb80093aa13c2b196e942b6b00312f14d652ef4c4f58721b2cbbe9b41
b2c156a207a283ff5e1416a007e10ce78cf8b87da41d1057f736c9c217c5fa94
b41de32075471d4673e98e30b1d1814d890b9a216be2f84216a238004933589d
bde176ead20d7764cec583383728f6e146648f49944274078741b02e05a7b28d
cae18b5991e40c49d2c98658f736b53a4ac2d6b7082e830c04831b5dea300ee1
cf98cbceff27ae55a4cdce2505deba698bdd02c641e253071f50e7b70fdbb3cf
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d996e8927ae45383450bd8314f8bc89259a528aaa698231fe91d2295872d0496
dd770be1596d769ff72b69804247896a362fddb4a75e80b8fada31e1dee73b2a
deada158e32db61e67ff19b0180dfdccd4280784e9513d5401333f1ffde4c895
df0c1324bd3aec90da0583b3bdbfc10b844ba5a52df358d4210c17b424deee16
dfcd6f70642236e269d6bef2981132d93d19c12b5dda5866f5e0c8c401734bd8
e18a1d50632994140a0148d0a9fef4c8e2cc20585aa788223bc831ca66147028
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed015b2c66dea750a8d39a72be12cdd2f64cf4880e05097b2bbec64d89c293a2
f4a442b695fab78b34de93b5b13217d8d4af8225dc164869731e961ed56b6e39

www.mysticscripts.com Open in urlscan Pro 104.237.52.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

36 %HTTPS

62 %IPv6

14 Domains

23 Subdomains

19 IPs

5 Countries

1351 kBTransfer

2367 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mysticscripts.com Open in urlscan Pro
104.237.52.106 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

36 %
HTTPS

62 %
IPv6

14
Domains

23
Subdomains

19
IPs

5
Countries

1351 kB
Transfer

2367 kB
Size

12
Cookies

73 HTTP transactions
0 data transactions