bluelotustarotreadings.com Open in urlscan Pro
172.67.153.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bluelotustarotreadings.com/
Effective URL:
https://bluelotustarotreadings.com/
Submission: On November 06 via api (November 6th 2024, 7:06:18 am UTC) from US — Scanned from US

Summary HTTP 22 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 172.67.153.23, located in United States and belongs to CLOUDFLARENET, US. The main domain is bluelotustarotreadings.com.
TLS certificate: Issued by WE1 on October 10th 2024. Valid for: 3 months.

This is the only time bluelotustarotreadings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	172.67.153.23 172.67.153.23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::5f	15169 (GOOGLE) (GOOGLE)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4004:c1d::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c1d::64	15169 (GOOGLE) (GOOGLE)
2	173.194.204.94 173.194.204.94	15169 (GOOGLE) (GOOGLE)
22	7

11 172.67.153.23 (United States)

ASN13335 (CLOUDFLARENET, US)

bluelotustarotreadings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c1d::64 (Morganton, United States)

ASN15169 (GOOGLE, US)

calendar.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.204.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	bluelotustarotreadings.com bluelotustarotreadings.com	11 MB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412 fonts.googleapis.com — Cisco Umbrella Rank: 30	33 KB
2	gstatic.com fonts.gstatic.com	40 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	77 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1113	32 KB
1	google.com calendar.google.com — Cisco Umbrella Rank: 746
22	6

	Domain	Requested by
11	bluelotustarotreadings.com	bluelotustarotreadings.com
3	fonts.googleapis.com	bluelotustarotreadings.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	bluelotustarotreadings.com connect.facebook.net
2	maxcdn.bootstrapcdn.com	bluelotustarotreadings.com
1	calendar.google.com	bluelotustarotreadings.com
1	ajax.googleapis.com	bluelotustarotreadings.com
22	7

This site contains links to these domains. Also see Links.

Domain
www.enlightenedsoulcenter.com
www.schedulicity.com
g.page
instagram.com
www.youtube.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
bluelotustarotreadings.com WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-15` - `2024-11-13`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bluelotustarotreadings.com/
Frame ID: A522C63A35B709998441D4F56C8DE388
Requests: 21 HTTP requests in this frame

Frame: https://calendar.google.com/calendar/embed?src=562db7fc20948e4895aada74421049fef14dc530a7e1e8f62e9c948bd0215d3c%40group.calendar.google.com&ctz=America%2FNew_York
Frame ID: 81E62127DFAEB3913B1A90FC43C0AE46
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blue Lotus Tarot

Page URL History Show full URLs

http://bluelotustarotreadings.com/ HTTP 307
https://bluelotustarotreadings.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

11768 kB
Transfer

12844 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.enlightenedsoulcenter.com/
Title: Enlightened Soul Center

Search URL Search Domain Scan URL

URL: https://www.schedulicity.com/scheduling/BLTLBWP
Title: Click here to book an appointment!

Search URL Search Domain Scan URL

URL: https://g.page/r/CcGvUinAyXcXEB0/review
Title: Click here to leave a review!

Search URL Search Domain Scan URL

URL: https://instagram.com/_u/laufeyjarsen
Title: laufeyjarsen

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@Laufeyjarsen9/
Title: @Laufeyjarsen9

Search URL Search Domain Scan URL

URL: https://www.facebook.com/leif.larsen.77920/
Title: Leif Laufeyjarsen

Search URL Search Domain Scan URL

URL: https://www.instagram.com/_u/laufeyjarsen/
Title: laufeyjarsen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bluelotustarotreadings.com/ HTTP 307
https://bluelotustarotreadings.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
bluelotustarotreadings.com/
Redirect Chain

http://bluelotustarotreadings.com/
https://bluelotustarotreadings.com/

16 KB
5 KB

519ms
318ms

Document
text/html

172.67.153.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluelotustarotreadings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ede85c6bdd46bb25ccafe0a7f3c1ca849d9edbdfea61a835b39ef2dd9a2c37ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8de33d4abb6f7cb6-LAX
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 06 Nov 2024 07:06:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDAzfCtHoa6Nv%2FHLjp2snIwpkvunNFOHnKI28Vn4BfilUuYkMK9%2BQDpIkD0yEyJLxYrEtF2bV5%2B2icPKfr5h7N%2BLB8IINFlGtUomg61MMA1YOtVJkkjEUwXEFBfldkw1g0IQIONSkry%2B%2BvNk%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=60375&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4195&recv_bytes=4540&delivery_rate=325&cwnd=12000&unsent_bytes=0&cid=e85b0992c4afff0d&ts=454&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Location: https://bluelotustarotreadings.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
20 KB 212ms
133ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "7f89537eaf606bff49f5cc1a7c24dbca"
age: 58405
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 07:06:11 GMT
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 09/26/2024 10:52:22
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 68dd61bfcd482ebd1e16fe2f3f9fc061
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8de33d4d69e82eff-LAX
access-control-allow-origin: *
cdn-edgestorageid: 998
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.4/ 88 KB
31 KB 367ms
122ms Script
text/javascript 2607:f8b0:400d:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/

Response headers

content-encoding: gzip
age: 18794
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 01:52:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 01:52:57 GMT
last-modified: Tue, 04 Apr 2023 03:27:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31154
x-xss-protection: 0
server: sffe

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
12 KB 150ms
72ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "2f34b630ffe30ba2ff2b91e3f3c322a1"
age: 1175952
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 07:06:11 GMT
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 10/10/2024 07:46:40
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a53712bcc4a9dd9ce963f323d88f31b3
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8de33d4d69e52eff-LAX
access-control-allow-origin: *
cdn-edgestorageid: 999
server: cloudflare
cdn-requestcountrycode: US

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 243ms
119ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

8ef5eb87d029f4f271d0c9de4b32ef7d727c2c7ec263182104ad811683b43e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bluelotustarotreadings.com
Referer: https://bluelotustarotreadings.com/

Response headers

content-md5: yOkvaI0JelUq9DNxge7F9Q==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "fb62bb1003e8e67501ddd61e864136d8"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 07:11:58 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 07:06:12 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 17030b50d529dd601d2951c4965087e2
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=24, mss=1232, tbw=8183, tp=13, tpl=0, uplat=0, ullat=-1
x-fb-debug: jPdHDCWaiRfXm1NhFaESub0iuFCSjsAUm669ATvLgpOz81GW49spkFYbP0d7nhSZyPdYTmjz5qXVKYn3FECc6Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1689
origin-agent-cluster: ?1

GET
H3 200 milligram.css
bluelotustarotreadings.com/ 21 KB
5 KB 223ms
221ms Stylesheet
text/css 172.67.153.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluelotustarotreadings.com/milligram.css

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8ff48b4f60b6ac56ed2b1b5d720e75f79758b1b815a4c9382beeececb94d49b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"618200b948fbc8388adf3878cedeae3e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQh1ejfP6a8QQYtzq3vyAXfD%2FKrc7abp5S0gSF9uiMwhiijWdZgfyLiL5fCUgFwqSmKYRn8xeI9gWdHB%2FpVYTzwE8xSwoeUet8HesvXJiQi40rAOwfM3h7K8lzea%2FYYt2SGzDrevm9%2B9rMNU2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60393&sent=18&recv=17&lost=0&retrans=0&sent_bytes=9587&recv_bytes=5745&delivery_rate=88949&cwnd=12000&unsent_bytes=0&cid=e85b0992c4afff0d&ts=712&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:06:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8de33d4cee027cb6-LAX
access-control-allow-origin: *
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
568 B 382ms
137ms Stylesheet
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Maitree&display=swap

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f731a6bcf5416bba9d6ea93779c64ac97d161f07193f487fc490fdc1e7ca71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 07:06:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 07:06:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 06 Nov 2024 07:06:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
657 B 384ms
139ms Stylesheet
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather&display=swap

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

743b059dcac2926650c6bf94662cd68f410f015783da3f880edbd5eabfd7814d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 07:06:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 07:06:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 06 Nov 2024 05:47:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 380ms
136ms Stylesheet
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Croissant+One&family=Merriweather&display=swap

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

865f7b524aba8a74dc8681eef5e091b80ade4fd5e4a2f0785a7682f3bb9a9ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 07:06:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 07:06:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 06 Nov 2024 07:06:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 tools_of_the_trade.jpg
bluelotustarotreadings.com/images/ 3 MB
3 MB 651ms
650ms Image
image/jpeg 172.67.153.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluelotustarotreadings.com/images/tools_of_the_trade.jpg

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5f1687844c579e1d4af933400f79d7ddd528d065400df4ff40853833ce77702

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/

Response headers

cf-cache-status: MISS
etag: "659ee1b71c4d8849c48c90eabfdb36bd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHiC4%2BxUsiL3Ie3EMT5Z7XMNxqY%2FRPul7N1T3B%2FDscsYQlHrUXf2horEniLe9H%2FyevFEev6JW4srx%2FGV%2BcqSS4dIRezNFg2293xRFH9VSneB9kcSzg7KkM2Anodz4q1FO19oBvS4V87ERbDrOA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60970&sent=549&recv=111&lost=0&retrans=0&sent_bytes=633259&recv_bytes=11519&delivery_rate=3658661&cwnd=321600&unsent_bytes=0&cid=e85b0992c4afff0d&ts=1142&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:06:11 GMT
content-type: image/jpeg
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8de33d4cee057cb6-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2762608
server: cloudflare

GET
H3 200 Blue-Lotus-Tarot-Readings_Main%20Logo.png
bluelotustarotreadings.com/images/ 589 KB
590 KB 274ms
273ms Image
image/png 172.67.153.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluelotustarotreadings.com/images/Blue-Lotus-Tarot-Readings_Main%20Logo.png

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2e2543d66cd34a76e058f98d9af2d29ae5c911c13ae86eb5f9f4a80c441d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/

Response headers

cf-cache-status: MISS
etag: "c00a9b11dbf7dd2ab172c4d8a778e670"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6s2uqJAMQC2dHw0ZZhlbCTOclk8nUcWl3qwcEXBHY8bPbGmER1%2B77zXHWL0rzt%2BVDcUjncxwC2OYGZLCOjCdcrfyzDRDLfPAWdt4AAwbY9rE2FcsRz%2B7ZMgvtvgSrFAKRV2iMuieixdaOJCQw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60393&sent=23&recv=17&lost=0&retrans=0&sent_bytes=14821&recv_bytes=5745&delivery_rate=88949&cwnd=12000&unsent_bytes=0&cid=e85b0992c4afff0d&ts=764&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:06:11 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8de33d4cee077cb6-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 602722
server: cloudflare

GET
H3 200 20240221_173747.jpg
bluelotustarotreadings.com/images/ 1 MB
1 MB 251ms
250ms Image
image/jpeg 172.67.153.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluelotustarotreadings.com/images/20240221_173747.jpg

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92d5fec163720edfb11ad96cc5e4cb56388f72bd7b8aa142ce0a10e214230b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/

Response headers

cf-cache-status: MISS
etag: "4a4a2b833ac2fcad3d23a63cc47e4277"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BHn9ma%2F2hZoKScL3i7jy3QxcPIUQChpeGLbDmutAnEfVTIML0ZPezgEnlez8HfmXiXXJOBODbBTvllU40%2Fk6Xd8FdErNSFuZw%2Bm737CwDMeY%2BjHbGz2MGHz5R3aOsSNsP5dk3fL46gMiWF%2FGgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=64422&sent=1140&recv=138&lost=43&retrans=43&sent_bytes=1339579&recv_bytes=12761&delivery_rate=3679253&cwnd=384720&unsent_bytes=0&cid=e85b0992c4afff0d&ts=1242&x=1", cfExtPri, cfHdrFlush;dur=21
date: Wed, 06 Nov 2024 07:06:12 GMT
content-type: image/jpeg
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8de33d5029747cb6-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1053076
server: cloudflare

GET
H3 200 email-decode.min.js Show response
bluelotustarotreadings.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 67ms
65ms Script
application/javascript 172.67.153.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluelotustarotreadings.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"672112ce-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDoehTtlEfpVj5mRMiQ9nhjXHbkr5IVi%2BlI5E%2FPl6sT7hWxBIoFv87APqHd5SD7rGtEo2wmqhMUU2%2F3HSaUP4%2BPt%2F7g5GOWQuwW8Gn1qkkLfcxUWtxrFeuL3r7d13B1feXpwIyyIaFRtLkAejA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8de33d5029767cb6-LAX
expires: Fri, 08 Nov 2024 07:06:11 GMT
date: Wed, 06 Nov 2024 07:06:11 GMT
content-type: application/javascript
last-modified: Tue, 29 Oct 2024 16:52:30 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 embed
calendar.google.com/calendar/ Frame 81E6 0
0 728ms
450ms Document
text/html 2607:f8b0:400d:c1d::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://calendar.google.com/calendar/embed?src=562db7fc20948e4895aada74421049fef14dc530a7e1e8f62e9c948bd0215d3c%40group.calendar.google.com&ctz=America%2FNew_York

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /calendar/cspreport script-src 'report-sample' 'nonce-gOFedpa3keV8xsWxVUS5ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /calendar/cspreport require-trusted-types-for 'script';report-uri /calendar/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluelotustarotreadings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /calendar/cspreport script-src 'report-sample' 'nonce-gOFedpa3keV8xsWxVUS5ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /calendar/cspreport require-trusted-types-for 'script';report-uri /calendar/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: require-corp; report-to="calendar_coop_coep"
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="calendar_coop_coep"
date: Wed, 06 Nov 2024 07:06:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"calendar_coop_coep","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar"}]}
reporting-endpoints: default="/calendar/web-reports?bl=calendar.web_20241029.03_p0&context=eJzjmsGkobqcyRiIVwLxFiCuqljO1ArE96qXMz0DYskjy5lUgFhQ5DWTpdhrpnAgjgLiT_KvmS41vmYq53zDNAGIH17-xfQOiKdb_mfaAMQ6J21YXIG4o8qWRULQgWXzbUeWM0BscseRxReIr0q4sjwEYoVYVxZLIL51wY3lT5c7i2i3O0v7IneWFTnzWX95LGBl91zAWlG5gHUiEJ9UX8wqbLSE9ca9JaxPgZjl6VJWQSCes3kZ69oVy1nTVq9g5Z61hlUFiO2N1rH6APHMrNesy4DYsfA1qx8QG2S9YbUFYu-qN6wRQBz8i5stAoivpAmwPQTiaYZCbIuBWIiH48mqNTvZBCasv_SBUUk6OTEnNS8lsUivPDUp3sjAyMTQwMhSz8A4vsAAADPjey8"
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Blue-Lotus-Tarot-Readings_Main%20Logo.png
bluelotustarotreadings.com/images/ 589 KB
0 1ms
1ms Image
image/png 172.67.153.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluelotustarotreadings.com/images/Blue-Lotus-Tarot-Readings_Main%20Logo.png

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2e2543d66cd34a76e058f98d9af2d29ae5c911c13ae86eb5f9f4a80c441d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/

Response headers

cf-cache-status: MISS
etag: "c00a9b11dbf7dd2ab172c4d8a778e670"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6s2uqJAMQC2dHw0ZZhlbCTOclk8nUcWl3qwcEXBHY8bPbGmER1%2B77zXHWL0rzt%2BVDcUjncxwC2OYGZLCOjCdcrfyzDRDLfPAWdt4AAwbY9rE2FcsRz%2B7ZMgvtvgSrFAKRV2iMuieixdaOJCQw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60393&sent=23&recv=17&lost=0&retrans=0&sent_bytes=14821&recv_bytes=5745&delivery_rate=88949&cwnd=12000&unsent_bytes=0&cid=e85b0992c4afff0d&ts=764&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:06:11 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8de33d4cee077cb6-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 602722
server: cloudflare

GET
H3 200 tools_of_the_trade.png
bluelotustarotreadings.com/images/ 4 MB
4 MB 745ms
745ms Image
image/png 172.67.153.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluelotustarotreadings.com/images/tools_of_the_trade.png

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/milligram.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1929a8dec9d9b88c138f905d11bef4ccdb7fad7b1fca9ae5c3a8f50c979aef82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/milligram.css

Response headers

cf-cache-status: MISS
etag: "e438fc2a58424bad1ff5f17441d267fd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNlmKKGkYlDFORde8teses5RsKiw7XVZeVqwS8Kab0U71rth86icB74aZuFa1LW5zki96zPy8bd4O0TdYSH2w1BvjmJyCsZn5yX%2B4cMNj0DAIFOrbaceOrSARfy511DJ3j%2B%2Bc1ZvEfjB%2FKgAHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=63216&sent=1790&recv=205&lost=43&retrans=43&sent_bytes=2115051&recv_bytes=15899&delivery_rate=4730255&cwnd=393120&unsent_bytes=0&cid=e85b0992c4afff0d&ts=1366&x=1", cfExtPri, cfHdrFlush;dur=3
date: Wed, 06 Nov 2024 07:06:12 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8de33d50397d7cb6-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4492977
server: cloudflare

GET
H3 200 calendar_background.jpg
bluelotustarotreadings.com/images/ 3 MB
3 MB 745ms
744ms Image
image/jpeg 172.67.153.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluelotustarotreadings.com/images/calendar_background.jpg

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/milligram.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

153dd540dfe03f17d06e4fbae83ad4050b6c8796aeb41d4569f09315310311f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/milligram.css

Response headers

cf-cache-status: MISS
etag: "340fce6f18879f6098ade6867f7a6d36"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJT%2FJF58Er53x6ewKrX9wb%2FhGpcEHQkEQsbQvsAIG6MIRABdkaqsMQAlN5lKXLdG8gT2eyJrH2vgjXZG6ejjupukh5sCN%2FICT0foxjHCnta8%2F5Exjbu5tlgofLO9Aml%2BA5yskNIzabDdI6nQMg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=61719&sent=3583&recv=388&lost=43&retrans=43&sent_bytes=4253419&recv_bytes=24181&delivery_rate=6570635&cwnd=415920&unsent_bytes=0&cid=e85b0992c4afff0d&ts=1699&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:06:12 GMT
content-type: image/jpeg
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8de33d50397f7cb6-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2844044
server: cloudflare

GET
H3 200 Khodijah%20Free.ttf
bluelotustarotreadings.com/fonts/ 174 KB
83 KB 284ms
283ms Font
font/ttf 172.67.153.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluelotustarotreadings.com/fonts/Khodijah%20Free.ttf

Requested by

Host: bluelotustarotreadings.com
URL: https://bluelotustarotreadings.com/milligram.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7af692a1545b0a1f06f290cfd21c42bff863e56d2c8f8062bc44ed0cdce406d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bluelotustarotreadings.com
Referer: https://bluelotustarotreadings.com/milligram.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"4febd54d8504e47e1419d72fbf043474"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CALFyIn%2F5W0Beg7qFfBwexVX0UPWZwnUy%2B6YZqn6HMoJgivMFhfGyby1PdZQ9qrsvxvgJ4aOjAr467pzGZ4I30Km%2BNME2GMgkkWqd7UjerXScEDSz24M6cyvgEsaaaM%2B%2F6kzWD8cYOSfj9L5LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=65293&sent=1464&recv=173&lost=43&retrans=43&sent_bytes=1726699&recv_bytes=14432&delivery_rate=5817558&cwnd=387120&unsent_bytes=0&cid=e85b0992c4afff0d&ts=1303&x=1", cfExtPri, cfHdrFlush;dur=21
date: Wed, 06 Nov 2024 07:06:12 GMT
content-type: font/ttf
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8de33d5059a27cb6-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 244ms
120ms Font
font/woff2 173.194.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f94.1e100.net

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bluelotustarotreadings.com
Referer: https://fonts.googleapis.com/

Response headers

age: 537971
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 31 Oct 2025 01:40:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 01:40:01 GMT
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20028
x-xss-protection: 0
server: sffe

GET
H3 200 MjQGmil5tffhpBrknt6sfQ.woff2
fonts.gstatic.com/s/maitree/v10/ 20 KB
20 KB 292ms
168ms Font
font/woff2 173.194.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/maitree/v10/MjQGmil5tffhpBrknt6sfQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Maitree&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f94.1e100.net

Software

sffe /

Resource Hash

9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bluelotustarotreadings.com
Referer: https://fonts.googleapis.com/

Response headers

age: 55095
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 15:47:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 15:47:57 GMT
last-modified: Tue, 26 Apr 2022 14:58:50 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20960
x-xss-protection: 0
server: sffe

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 254 KB
75 KB 121ms
121ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=9f486f755ba115590e1ddbf4110820b8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

a385494822a4b2bf469c3c133436448fc09000c668f4242803d0202052a79950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bluelotustarotreadings.com
Referer: https://bluelotustarotreadings.com/

Response headers

content-md5: 4vUCL+ggKYpAS1+Q6StOfw==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "cbd91039bc2e0be2f7d0608720293fa8"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 06:17:23 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 07:06:12 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 3d50977f40fece5d5c904035d3e0297d
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=29, mss=1232, tbw=12187, tp=22, tpl=0, uplat=0, ullat=-1
x-fb-debug: ScuIl5SFddZmeA6wMGFZsRcTFqEDyJGzWVWsj0svCQbwJ4HdQunVyJaSOova4SIaItiyd4MLaxaMgOxQEeO2mA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 76575
origin-agent-cluster: ?1

GET
H3 200 favicon.ico
bluelotustarotreadings.com/ 16 KB
5 KB 131ms
130ms Other
text/html 172.67.153.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluelotustarotreadings.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d15cc17fdd891dd71f9d204ecec5e00a33da1811d52d171afa10bfc0dcee542

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bluelotustarotreadings.com/

Response headers

content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vebeQwesBUF7D%2FVH0Q1%2FZ%2Fkdy82wqFt%2FkblCkwPo%2Bf6C6de2biFlklxaaU0L9A%2FKdWfazws6lhrhS%2FtfCACQUW1z36UDLZg7gr%2FWwGo8J%2FBaXsXiqqtHpFPQQscfL%2B5d%2BLAl0R3Cri9hiwXxBg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=61053&sent=10221&recv=1091&lost=43&retrans=43&sent_bytes=12186082&recv_bytes=56315&delivery_rate=2979445&cwnd=473520&unsent_bytes=0&cid=e85b0992c4afff0d&ts=3439&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 06 Nov 2024 07:06:14 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2024 07:06:14 GMT
priority: u=1,i
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8de33d5e890c7cb6-LAX
access-control-allow-origin: *
server: cloudflare

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-21 05:11:27	Name: NID Value: 518=B90VrqgWEQ2c3C6JpHKPJB4vfu1MF8QxjV-IyZin72_WfnsfO5lbBkAi6ixrcCu1Aehika4Jif-_ZHjsU0_F5J4VIFMWb-eLZ7WPBOhBlcoGSGYeKiPUoi9Sgqe0y25lSREb_jSxopGXGfA2F-FWEl2LvhxlPxaR6siuSKVvTAAgk6t3PeNvwG_l

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bluelotustarotreadings.com
calendar.google.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
104.18.10.207
172.67.153.23
173.194.204.94
2607:f8b0:4004:c1d::5f
2607:f8b0:400d:c0b::5f
2607:f8b0:400d:c1d::64
31.13.66.19
153dd540dfe03f17d06e4fbae83ad4050b6c8796aeb41d4569f09315310311f6
1929a8dec9d9b88c138f905d11bef4ccdb7fad7b1fca9ae5c3a8f50c979aef82
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
6a2e2543d66cd34a76e058f98d9af2d29ae5c911c13ae86eb5f9f4a80c441d79
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
743b059dcac2926650c6bf94662cd68f410f015783da3f880edbd5eabfd7814d
7d15cc17fdd891dd71f9d204ecec5e00a33da1811d52d171afa10bfc0dcee542
7f731a6bcf5416bba9d6ea93779c64ac97d161f07193f487fc490fdc1e7ca71f
865f7b524aba8a74dc8681eef5e091b80ade4fd5e4a2f0785a7682f3bb9a9ea3
8ef5eb87d029f4f271d0c9de4b32ef7d727c2c7ec263182104ad811683b43e40
92d5fec163720edfb11ad96cc5e4cb56388f72bd7b8aa142ce0a10e214230b10
9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a385494822a4b2bf469c3c133436448fc09000c668f4242803d0202052a79950
a5f1687844c579e1d4af933400f79d7ddd528d065400df4ff40853833ce77702
c8ff48b4f60b6ac56ed2b1b5d720e75f79758b1b815a4c9382beeececb94d49b
e7af692a1545b0a1f06f290cfd21c42bff863e56d2c8f8062bc44ed0cdce406d
ede85c6bdd46bb25ccafe0a7f3c1ca849d9edbdfea61a835b39ef2dd9a2c37ea

bluelotustarotreadings.com Open in urlscan Pro 172.67.153.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

43 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

11768 kBTransfer

12844 kBSize

1 Cookies

7 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

bluelotustarotreadings.com Open in urlscan Pro
172.67.153.23 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

11768 kB
Transfer

12844 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions