mysterydoug.com Open in urlscan Pro
34.201.246.51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Effective URL:
https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Submission: On March 15 via api (March 15th 2020, 12:09:04 am UTC) from US

Summary HTTP 63 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 22 domains to perform 63 HTTP transactions. The main IP is 34.201.246.51, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is mysterydoug.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 20th 2020. Valid for: 3 months.

This is the only time mysterydoug.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	34.201.246.51 34.201.246.51	14618 (AMAZON-AES) (AMAZON-AES)
9	2a04:4e42:3::609 2a04:4e42:3::609	54113 (FASTLY) (FASTLY)
6	2a04:4e42:3::622 2a04:4e42:3::622	54113 (FASTLY) (FASTLY)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	13.225.73.123 13.225.73.123	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	52.45.70.48 52.45.70.48	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:3::84 2a04:4e42:3::84	54113 (FASTLY) (FASTLY)
1	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2.16.186.18 2.16.186.18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.202.106.32 52.202.106.32	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	151.101.12.84 151.101.12.84	54113 (FASTLY) (FASTLY)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	54.209.247.25 54.209.247.25	14618 (AMAZON-AES) (AMAZON-AES)
1	54.244.82.212 54.244.82.212	16509 (AMAZON-02) (AMAZON-02)
2	34.195.41.56 34.195.41.56	14618 (AMAZON-AES) (AMAZON-AES)
63	27

2 34.201.246.51 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-246-51.compute-1.amazonaws.com

mysterydoug.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a04:4e42:3::609 (Ascension Island)

ASN54113 (FASTLY, US)

cloud.mysteryscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:3::622 (Ascension Island)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.123 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-123.fra2.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.70.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-70-48.compute-1.amazonaws.com

mysteryscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::84 (Ascension Island)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.18 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-18.deploy.static.akamaitechnologies.com

embedwistia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.202.106.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-106-32.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.247.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-247-25.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.244.82.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-82-212.us-west-2.compute.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.195.41.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-41-56.compute-1.amazonaws.com

fg8vvsvnieiv3ej16jby.litix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	mysteryscience.com cloud.mysteryscience.com mysteryscience.com	470 KB
8	wistia.com fast.wistia.com distillery.wistia.com pipedream.wistia.com	212 KB
4	google.de www.google.de	439 B
4	google.com 1 redirects www.google.com	510 B
4	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	4 KB
4	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	33 KB
3	pinterest.com ct.pinterest.com	471 B
3	akamaihd.net embedwistia-a.akamaihd.net	308 KB
3	facebook.net connect.facebook.net	154 KB
3	gstatic.com fonts.gstatic.com	39 KB
2	litix.io fg8vvsvnieiv3ej16jby.litix.io	419 B
2	nr-data.net bam.nr-data.net	457 B
2	facebook.com www.facebook.com	297 B
2	bing.com bat.bing.com	8 KB
2	pinimg.com s.pinimg.com	47 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	bugsnag.com sessions.bugsnag.com	328 B
2	mysterydoug.com 1 redirects mysterydoug.com	16 KB
1	newrelic.com js-agent.newrelic.com	10 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	googleapis.com fonts.googleapis.com	963 B
1	googletagmanager.com www.googletagmanager.com	38 KB
63	22

	Domain	Requested by
9	cloud.mysteryscience.com	mysterydoug.com
6	fast.wistia.com	mysterydoug.com fast.wistia.com
4	www.google.de	mysterydoug.com
4	www.google.com	1 redirects mysterydoug.com
3	ct.pinterest.com	mysterydoug.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	heapanalytics.com	mysterydoug.com
3	embedwistia-a.akamaihd.net	mysterydoug.com
3	connect.facebook.net	mysterydoug.com connect.facebook.net
3	fonts.gstatic.com	mysterydoug.com
2	fg8vvsvnieiv3ej16jby.litix.io	mysterydoug.com
2	bam.nr-data.net	js-agent.newrelic.com mysterydoug.com
2	www.facebook.com	mysterydoug.com connect.facebook.net
2	bat.bing.com	www.googletagmanager.com mysterydoug.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com mysterydoug.com
2	sessions.bugsnag.com	cloud.mysteryscience.com mysterydoug.com
2	mysterydoug.com	1 redirects
1	pipedream.wistia.com	mysterydoug.com
1	distillery.wistia.com	mysterydoug.com
1	js-agent.newrelic.com	mysterydoug.com
1	stats.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	mysteryscience.com	mysterydoug.com
1	fonts.googleapis.com	mysterydoug.com
1	cdn.heapanalytics.com	mysterydoug.com
1	www.googletagmanager.com	mysterydoug.com
63	27

This site contains links to these domains. Also see Links.

Domain
mysteryscience.com
about.mystery.org
twitter.com

Subject Issuer	Validity	Valid
mys.ci Let's Encrypt Authority X3	`2020-02-20` - `2020-05-20`	3 months	crt.sh
s2-cloudinary-pin.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-10` - `2021-01-23`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.bugsnag.com COMODO RSA Domain Validation Secure Server CA	`2018-05-18` - `2020-06-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2019-10-22` - `2020-11-22`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2019-08-13` - `2020-08-12`	a year	crt.sh
heapanalytics.com Amazon	`2020-01-21` - `2021-02-21`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.wistia.com Amazon	`2019-05-28` - `2020-06-28`	a year	crt.sh
*.litix.io Amazon	`2019-12-25` - `2021-01-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Frame ID: 0083004139BF5499871EA1919965013D
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward HTTP 301
https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward Page URL

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\/bugsnag.*\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /heap-\d+\.js/i

Page Statistics

63
Requests

100 %
HTTPS

56 %
IPv6

22
Domains

27
Subdomains

27
IPs

5
Countries

1374 kB
Transfer

3254 kB
Size

12
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://mysteryscience.com/school-closure-planning
Title: starter list of K-5 science lessons

Search URL Search Domain Scan URL

URL: https://mysteryscience.com/?s=mysterydougfooter
Title: Mystery Science

Search URL Search Domain Scan URL

URL: https://about.mystery.org/
Title: About

Search URL Search Domain Scan URL

URL: https://about.mystery.org/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://about.mystery.org/team
Title: Team

Search URL Search Domain Scan URL

URL: https://twitter.com/search?q=%23StayCurious%20%40MysterySci
Title: #StayCurious

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward HTTP 301
https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-71796331-2&cid=880706429.1584230928&jid=1051468928&uid=74930295&gjid=518963873&_gid=49349807.1584230928&_u=YGBAgEAB~&z=409144688 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71796331-2&cid=880706429.1584230928&jid=1051468928&_v=j81&z=409144688 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71796331-2&cid=880706429.1584230928&jid=1051468928&_v=j81&z=409144688&slf_rd=1&random=1329006477

63 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
mysterydoug.com/
Redirect Chain

http://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

37 KB
16 KB

553ms
350ms

Document
text/html

34.201.246.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.201.246.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-246-51.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

5552ec8e4eac99cb8552c133f848dc0c134247dadcee553c4332c55889bbf3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: mysterydoug.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: Cowboy
Date: Sun, 15 Mar 2020 00:08:46 GMT
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
P3p: CP="Please see https://mysteryscience.com/privacy"
Content-Type: text/html; charset=utf-8
Link: <https://cloud.mysteryscience.com/raw/upload/assets/bugsnag-b67fcf5e328325cbe5350adcea8a8c212ae4868c8fb1b9392e30b89f1ff4538f.js>; rel=preload; as=script,<https://cloud.mysteryscience.com/raw/upload/assets/mystery-d15d422a312b94cef72f275f0929524a1aa2cbaadb9175c4adb513ccfed10a03.js>; rel=preload; as=script,<https://www.googletagmanager.com>; rel=dns-prefetch,<https://www.googletagmanager.com>; rel=preconnect,<https://www.google-analytics.com>; rel=dns-prefetch,<https://www.google-analytics.com>; rel=preconnect,<https://www.googleadservices.com>; rel=dns-prefetch,<https://www.googleadservices.com>; rel=preconnect,<https://googleads.g.doubleclick.net>; rel=dns-prefetch,<https://googleads.g.doubleclick.net>; rel=preconnect,<//cloud.mysteryscience.com>; rel=dns-prefetch,<//cloud.mysteryscience.com>; rel=preconnect,<//fast.wistia.com>; rel=dns-prefetch,<//fast.wistia.com>; rel=preconnect,<//distillery.wistia.com>; rel=dns-prefetch,<//distillery.wistia.com>; rel=preconnect,<//pipedream.wistia.com>; rel=dns-prefetch,<//pipedream.wistia.com>; rel=preconnect,<//bam.nr-data.net>; rel=dns-prefetch,<//bam.nr-data.net>; rel=preconnect
Etag: W/"5552ec8e4eac99cb8552c133f848dc0c"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: current_user_session_id=102217332; path=/; expires=Sun, 15 Mar 2020 04:08:47 GMT; secure grade=3; path=/; secure _m_session_id=dDBPOGtTWGxTcDAzck1LeU9vZ1k4YmZVakd0Qm9wWFRubUlsYXczbEhNVGRoQndXWDBWT2JRbSt0ZjV1SHoxL2RiV09mejVxSUVNVmk0aXE0cGdYeWpMZzJXZWFsRzc0MnRoZ2ZKUXpTUlNySndETkRPRitDRXVFejRmeTVkK1FCOW14bWxybTVaM1NVYkEwcFpZUU9mNVEwQmF0SmorZXByQzlYMHl6WER2Zy9DZjRCUkNhOWpzd0tBM2U2U2g2TUxGNW9KOU9GQUk2RFRpN0s3YnlvS2xweHNSMnFXSjIwYmZRYUtkWTNiaFVHalBrK3Rick8rWU9jc1gzaXh5TE1xZDZ1R0hmaTFrYmY2UmpRcWl0K1dCNDVxV0VaN3gvWEVpK1h4b1NzYm1mNzdoa3FjQkFKOUtYeXFpMlVVUmY5eFJIVlJUUExKSE5WcE5aZnpSaGVnPT0tLXRlSUdLR2VRbHQrTjdYajJ3WjJRNWc9PQ%3D%3D--7ad3fb1715b1e3c1d8918d89b009eb725856819f; domain=.mysterydoug.com; path=/; expires=Fri, 15 Mar 2030 00:08:47 GMT; secure; HttpOnly
X-Request-Id: 8ff81e47-68ad-46b1-958b-030ba2db87d6
X-Runtime: 0.243069
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Via: 1.1 vegur

Redirect headers

Server: Cowboy
Date: Sun, 15 Mar 2020 00:08:46 GMT
Connection: keep-alive
Content-Type: text/html
Location: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Transfer-Encoding: chunked
Via: 1.1 vegur

GET
H2 200 bugsnag-b67fcf5e328325cbe5350adcea8a8c212ae4868c8fb1b9392e30b89f1ff4538f.js Show response
cloud.mysteryscience.com/raw/upload/assets/ 43 KB
12 KB 59ms
7ms Script
text/javascript 2a04:4e42:3::609
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.mysteryscience.com/raw/upload/assets/bugsnag-b67fcf5e328325cbe5350adcea8a8c212ae4868c8fb1b9392e30b89f1ff4538f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::609 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b67fcf5e328325cbe5350adcea8a8c212ae4868c8fb1b9392e30b89f1ff4538f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: gzip
status: 200
server-timing: cloudinary;dur=50;start=2020-03-04T22:32:41.140Z,fastly;dur=1;start=2020-03-15T00:08:48.003Z;desc=HIT,rtt;dur=5
content-length: 11707
last-modified: Mon, 01 Jul 2019 23:10:27 GMT
server: Cloudinary
etag: W/"ada2ea727b0d38a47b1f3513b673c2d9"
vary: Accept-Encoding
strict-transport-security: max-age=604800
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing,Vary
cache-control: public, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 mystery-d15d422a312b94cef72f275f0929524a1aa2cbaadb9175c4adb513ccfed10a03.js Show response
cloud.mysteryscience.com/raw/upload/assets/ 267 KB
88 KB 58ms
7ms Script
text/javascript 2a04:4e42:3::609
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.mysteryscience.com/raw/upload/assets/mystery-d15d422a312b94cef72f275f0929524a1aa2cbaadb9175c4adb513ccfed10a03.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::609 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d15d422a312b94cef72f275f0929524a1aa2cbaadb9175c4adb513ccfed10a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: gzip
status: 200
server-timing: cloudinary;dur=17;start=2020-03-12T19:18:30.853Z,fastly;dur=1;start=2020-03-15T00:08:48.003Z;desc=HIT,rtt;dur=5
content-length: 89514
last-modified: Thu, 12 Mar 2020 19:09:32 GMT
server: Cloudinary
etag: W/"4c8286d34421e228edf0b1e74368829d"
vary: Accept-Encoding
strict-transport-security: max-age=604800
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing,Vary
cache-control: public, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 landing-36869be8eec4bce6608690a10963c76af0e56d7e2ea0c6cf93d79f17c3642559.css
cloud.mysteryscience.com/raw/upload/assets/mystery_doug/ 147 KB
31 KB 34ms
18ms Stylesheet
text/css 2a04:4e42:3::609
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.mysteryscience.com/raw/upload/assets/mystery_doug/landing-36869be8eec4bce6608690a10963c76af0e56d7e2ea0c6cf93d79f17c3642559.css

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::609 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

36869be8eec4bce6608690a10963c76af0e56d7e2ea0c6cf93d79f17c3642559

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: gzip
status: 200
server-timing: cloudinary;dur=161;start=2020-03-08T04:05:11.060Z,fastly;dur=1;total=2;start=2020-03-15T00:08:48.003Z;desc=HIT,rtt;dur=5
content-length: 31317
last-modified: Tue, 03 Mar 2020 21:52:59 GMT
server: Cloudinary
etag: W/"979bc55b581419baeb81cc127e6278a4"
vary: Accept-Encoding
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing,Vary
cache-control: public, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 logo-e4453a90eaa25d18b3d56c1a7ff662d2.png
cloud.mysteryscience.com/image/asset/c_pad,w_492/f_auto,q_auto:best/ 8 KB
8 KB 24ms
8ms Image
image/webp 2a04:4e42:3::609
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloud.mysteryscience.com/image/asset/c_pad,w_492/f_auto,q_auto:best/logo-e4453a90eaa25d18b3d56c1a7ff662d2.png

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::609 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a1123bf6d18c659c866c5cce6dd62422bd48d4746c7bc218c3c8af26f041cbfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
strict-transport-security: max-age=604800
status: 200
content-disposition: inline; filename="logo-e4453a90eaa25d18b3d56c1a7ff662d2.webp"
server-timing: cloudinary;dur=62;start=2020-03-08T18:34:19.249Z,fastly;dur=1;start=2020-03-15T00:08:48.003Z;desc=HIT,rtt;dur=5
content-length: 8240
last-modified: Thu, 14 Jun 2018 18:26:21 GMT
server: Cloudinary
etag: "227b836f1786d745d3281cd17b925f4e"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing,Vary
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cover_image-abd22f17b294f8539436a981e902bd8a.jpg
cloud.mysteryscience.com/image/asset/f_auto,q_auto/ 30 KB
31 KB 27ms
12ms Image
image/webp 2a04:4e42:3::609
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloud.mysteryscience.com/image/asset/f_auto,q_auto/cover_image-abd22f17b294f8539436a981e902bd8a.jpg

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::609 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

c49b4eb3bbeb7440208f4d8951897ad53e76c1512642471bfb6b84024bee1c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
strict-transport-security: max-age=604800
status: 200
content-disposition: inline; filename="cover_image-abd22f17b294f8539436a981e902bd8a.webp"
server-timing: cloudinary;dur=61;start=2020-03-08T18:34:19.250Z,fastly;dur=1;start=2020-03-15T00:08:48.003Z;desc=HIT,rtt;dur=5
content-length: 31114
last-modified: Mon, 02 Jul 2018 18:58:55 GMT
server: Cloudinary
etag: "e6bbce3360c5a997efe25bc3ee0349af"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing,Vary
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 landing_page_questions-adf8388058bdfb12b6f39d2d21cbb7c1.png
cloud.mysteryscience.com/image/asset/f_auto,q_auto/ 211 KB
211 KB 7ms
7ms Image
image/webp 2a04:4e42:3::609
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloud.mysteryscience.com/image/asset/f_auto,q_auto/landing_page_questions-adf8388058bdfb12b6f39d2d21cbb7c1.png

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::609 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

7f37fd4944c1c56319b3b291b7613435fd7448227620d423f98fa33e4c7a07df

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
strict-transport-security: max-age=604800
status: 200
content-disposition: inline; filename="landing_page_questions-adf8388058bdfb12b6f39d2d21cbb7c1.webp"
server-timing: cloudinary;dur=71;start=2020-03-05T07:27:16.020Z,fastly;dur=1;start=2020-03-15T00:08:48.036Z;desc=HIT,rtt;dur=5
content-length: 216060
last-modified: Mon, 02 Jul 2018 19:05:00 GMT
server: Cloudinary
etag: "654f4a6dfef14dca663197ee0c2ddd0d"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing,Vary
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 619 KB
114 KB 22ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2e3fc4c2c3b52756b4fad9421320f1abafab6a2f6e29a4829b9f5ffb4e9e13bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: br
age: 3248
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 116500
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea4424-SEA, cache-fra19143-FRA
x-browser-version: 74
last-modified: Fri, 13 Mar 2020 17:55:08 GMT
x-timer: S1584230928.058476,VS0,VE0
etag: "5e6bc8fc-1c714"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 81

GET
H2 200 application-6e2222db17553a1696e130232051e81622600045ccc834bb558f43c15542d2a3.js Show response
cloud.mysteryscience.com/raw/upload/assets/mystery_doug/ 26 KB
9 KB 7ms
6ms Script
text/javascript 2a04:4e42:3::609
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.mysteryscience.com/raw/upload/assets/mystery_doug/application-6e2222db17553a1696e130232051e81622600045ccc834bb558f43c15542d2a3.js

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::609 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6e2222db17553a1696e130232051e81622600045ccc834bb558f43c15542d2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: gzip
status: 200
server-timing: cloudinary;dur=102;start=2020-03-05T06:59:57.664Z,fastly;dur=0;total=1;start=2020-03-15T00:08:48.036Z;desc=HIT,rtt;dur=5
content-length: 8422
last-modified: Mon, 03 Feb 2020 15:33:25 GMT
server: Cloudinary
etag: W/"6b3ffd2d8d1859f6692cec2e0584f306"
vary: Accept-Encoding
strict-transport-security: max-age=604800
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing,Vary
cache-control: public, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 / Show response
sessions.bugsnag.com/ 0
222 B 159ms
146ms XHR
text/plain 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: cloud.mysteryscience.com
URL: https://cloud.mysteryscience.com/raw/upload/assets/bugsnag-b67fcf5e328325cbe5350adcea8a8c212ae4868c8fb1b9392e30b89f1ff4538f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://mysterydoug.com
Referer: https://mysterydoug.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
via: 1.1 google
access-control-allow-origin: *
access-control-allow-methods: POST
status: 200
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
alt-svc: clear
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 144 KB
38 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6BGZZS

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ca968c4d856c4bb9ce881e6c16187e33462b959a317c1ce29419f957cb729d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 39305
x-xss-protection: 0
expires: Sun, 15 Mar 2020 00:08:48 GMT

GET
H2 200 heap-3987823424.js Show response
cdn.heapanalytics.com/js/ 77 KB
33 KB 50ms
13ms Script
application/javascript 13.225.73.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/heap-3987823424.js
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-123.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 56fa605d0e8d48002ce834fe085ad6d4b599765281652c2c5fc2872b6f077098

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:07:31 GMT
content-encoding: gzip
server: nginx
age: 77
etag: W/"13289-7ELlXEj1OGhM99jpef46nQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=120
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: bnAJq0x2Nbp1T_S2CiuBcYaTojnvL9tZ0nSJfp3o_BXA-396U-8haw==
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)

GET
H2 200 css
fonts.googleapis.com/ 13 KB
963 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,500,600,700

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

892933a134c1c9611c414f846f9cbb6bf5345e871d916543a1888d4247332224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 15 Mar 2020 00:08:48 GMT
server: ESF
date: Sun, 15 Mar 2020 00:08:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Mar 2020 00:08:48 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,500,600,700
Origin: https://mysterydoug.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Mar 2020 13:13:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:19 GMT
server: sffe
age: 1076124
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13324
x-xss-protection: 0
expires: Tue, 02 Mar 2021 13:13:24 GMT

GET
H2 200 fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
cloud.mysteryscience.com/raw/upload/assets/ 75 KB
76 KB 20ms
7ms Font
application/octet-stream 2a04:4e42:3::609
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.mysteryscience.com/raw/upload/assets/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::609 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://cloud.mysteryscience.com/raw/upload/assets/mystery_doug/landing-36869be8eec4bce6608690a10963c76af0e56d7e2ea0c6cf93d79f17c3642559.css
Origin: https://mysterydoug.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
last-modified: Sun, 29 Apr 2018 21:13:03 GMT
server: Cloudinary
access-control-allow-origin: *
etag: "af7ae505a9eed503f8b8e6982036873e"
strict-transport-security: max-age=604800
content-type: application/octet-stream
status: 200
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing
cache-control: public, no-transform, immutable, max-age=31557600
content-disposition: attachment; filename="fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2"
server-timing: cloudinary;dur=66;start=2020-03-04T21:44:20.873Z,fastly;dur=1;start=2020-03-15T00:08:48.093Z;desc=HIT,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 77160

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 13 KB
13 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,500,600,700
Origin: https://mysterydoug.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Mar 2020 13:13:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:07 GMT
server: sffe
age: 1076130
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13108
x-xss-protection: 0
expires: Tue, 02 Mar 2021 13:13:18 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,500,600,700
Origin: https://mysterydoug.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 23:54:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:17 GMT
server: sffe
age: 346450
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12976
x-xss-protection: 0
expires: Wed, 10 Mar 2021 23:54:38 GMT

GET
H2 200 rocket-small-4629dc1db94cef9a6d17199f03c71179.png
cloud.mysteryscience.com/image/asset/ 5 KB
5 KB 7ms
7ms Image
image/png 2a04:4e42:3::609
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloud.mysteryscience.com/image/asset/rocket-small-4629dc1db94cef9a6d17199f03c71179.png

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::609 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

38087e4c0d665240e647240e5ee373491272d3b8e2b7280e84cd7480f78cf486

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://cloud.mysteryscience.com/raw/upload/assets/mystery_doug/landing-36869be8eec4bce6608690a10963c76af0e56d7e2ea0c6cf93d79f17c3642559.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
last-modified: Mon, 30 Sep 2019 20:23:26 GMT
server: Cloudinary
access-control-allow-origin: *
etag: "4629dc1db94cef9a6d17199f03c71179"
strict-transport-security: max-age=604800
content-type: image/png
status: 200
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: cloudinary;dur=92;start=2020-03-06T09:05:47.774Z,fastly;dur=1;start=2020-03-15T00:08:48.100Z;desc=HIT,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 4618

GET
H2 200 z9z5dgrti7.json Show response
fast.wistia.com/embed/medias/ 6 KB
3 KB 7ms
7ms Script
text/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/z9z5dgrti7.json?callback=wistiajson1

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cba6deb636cb42f62ddfecd65b322db88e807624c3052e64d95cbe7914663e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 32436
x-cache: MISS, HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
status: 200
strict-transport-security: max-age=0
content-length: 2264
via: 1.1 varnish, 1.1 varnish
x-request-id: e36791c9759dce0762449ca9331f47aa
x-served-by: cache-sea4460-SEA, cache-fra19143-FRA
x-runtime: 0.062365
referrer-policy: strict-origin-when-cross-origin
x-timer: S1584230928.170663,VS0,VE1
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 74
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1, 1

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 95 KB
25 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7c2a6182bc6b056674c4d4ab1091d1bdef119408271bf266f25d5c35f3471f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: br
age: 3247
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 25305
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea4482-SEA, cache-fra19143-FRA
x-browser-version: 74
last-modified: Fri, 13 Mar 2020 17:55:08 GMT
x-timer: S1584230928.170923,VS0,VE0
etag: "5e6bc8fc-62d9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 46

GET
H/1.1 200
OK mystery-auth Show response
mysteryscience.com/ 10 B
599 B 319ms
112ms XHR
application/json 52.45.70.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mysteryscience.com/mystery-auth

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.70.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-70-48.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

0944d67c4d96fe949834700d0cb784b99ee5b0b6205b0667d842ece155405df2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Referer: https://mysterydoug.com/
Origin: https://mysterydoug.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.012490
Date: Sun, 15 Mar 2020 00:08:47 GMT
Content-Encoding: gzip
Server: Cowboy
Etag: W/"0944d67c4d96fe949834700d0cb784b9"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://mysterydoug.com
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Via: 1.1 vegur
X-Request-Id: 5ca6e4f9-01fa-4932-8c2a-0ec16e59097f

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
106 B 149ms
149ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Origin: https://mysterydoug.com
Bugsnag-Api-Key: bf2b427e59c0299882d89f5501237d86
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json
Bugsnag-Payload-Version: 1.0
Sec-Fetch-Dest: empty
Referer: https://mysterydoug.com/
Bugsnag-Sent-At: 2020-03-15T00:08:48.026Z

Response headers

status: 202
date: Sun, 15 Mar 2020 00:08:48 GMT
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6BGZZS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5717
date: Sat, 14 Mar 2020 22:33:31 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Sun, 15 Mar 2020 00:33:31 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 21ms
6ms Script
application/javascript 2a04:4e42:3::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6BGZZS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a8a5c752f8ae0c033572453cbb3240ca9047eae565ea1f3df7cb1ea67e9984d9

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
x-cdn: fastly
access-control-allow-origin: *
etag: "fdf03ac619d384023432225dbd221b25"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
status: 200
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1097
fastly-restarts: 1
access-control-expose-headers: X-CDN

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 16ms
16ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6BGZZS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

332458d8d7043c9237ea48c995f93f4d47988640c7eea5f50d8c28e80323e77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9953
x-xss-protection: 0
server: cafe
etag: 242256469415106277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Mar 2020 00:08:48 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 24 KB
8 KB 44ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6BGZZS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 60dee30fbb522239142324aeb60131e28d3d8e4890cf5eabe7213df0506f98c2

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:47 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 04:51:11 GMT
x-msedge-ref: Ref A: 2256DA4C2D334906BCFB99ABA6DE60AC Ref B: FRAEDGE0517 Ref C: 2020-03-15T00:08:48Z
access-control-allow-origin: *
etag: "8094a4f3f8d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7446

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: VI16GNig36s5qP5CVsjAe9hPwgb5P15A5mGQFTYPipHHb97AV8pgzCz4pbgUnUIhdXt84TMq4qzkmyVZwo7pyQ==
x-fb-trip-id: 1850256238
date: Sun, 15 Mar 2020 00:08:48 GMT, Sun, 15 Mar 2020 00:08:48 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d12183924739a0c3a90d68d21aaa347e62a901671d5a836455935dda54bf0caf

Request headers

Origin: https://mysterydoug.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H/1.1 200
OK fdf446e827014223dd89df360c0edd981dbbaf41.webp
embedwistia-a.akamaihd.net/deliveries/ 87 KB
88 KB 51ms
23ms Image
image/webp 2.16.186.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedwistia-a.akamaihd.net/deliveries/fdf446e827014223dd89df360c0edd981dbbaf41.webp?image_crop_resized=1920x1080
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b759c122e0a67b1189e066205256c9e0f08fb3f805322e3c1ce1d3b317ed9aec

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 00:08:48 GMT
Access-Control-Request-Method: *
surrogate-key: fdf446e827014223dd89df360c0edd981dbbaf41 thumbnail-delivery
Last-Modified: Sat, 06 May 2017 00:57:00 UTC
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=30253705
content-disposition: inline
Connection: keep-alive
Accept-Ranges: none
Alt-Svc: quic=":443"; v="48,46,43,39"; ma=93600
Content-Length: 89116
X-Served-By: bakeryaws-breadroute1e-orange3-haproxy

GET
H2 200 h
heapanalytics.com/ 37 B
212 B 289ms
95ms Image
image/gif 52.202.106.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heapanalytics.com/h?a=3987823424&u=2443400902932265&v=6863715982790846&s=7610352994124180&b=web&tv=4.0&z=0&h=%2F&q=%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward&d=mysterydoug.com&t=Mystery%20Doug&k=Membership%20Status&k=basic&k=logged_in_on_ms%3F&k=false&ts=1584230928304&st=1584230928305
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.106.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-106-32.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 identify_v4
heapanalytics.com/api/ 37 B
212 B 290ms
96ms Image
image/gif 52.202.106.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heapanalytics.com/api/identify_v4?a=3987823424&u=2443400902932265&v=6863715982790846&s=7610352994124180&i=74930295&if=Mystery%20Science%20ID&b=web&tv=4.0&z=0&st=1584230928306
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.106.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-106-32.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 add_user_properties_v3
heapanalytics.com/api/ 37 B
212 B 290ms
96ms Image
image/gif 52.202.106.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heapanalytics.com/api/add_user_properties_v3?a=3987823424&u=2443400902932265&v=6863715982790846&s=7610352994124180&i=74930295&if=Mystery%20Science%20ID&b=web&tv=4.0&_Membership%20Status=basic&st=1584230928306
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.106.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-106-32.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
5ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1882237325&t=pageview&_s=1&dl=https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward&ul=en-us&de=UTF-8&dt=Mystery%20Doug&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgEAB~&jid=1051468928&gjid=518963873&cid=880706429.1584230928&uid=74930295&tid=UA-71796331-2&_gid=49349807.1584230928&gtm=2wg340T6BGZZS&z=461109042

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 11 Mar 2020 00:49:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 343184
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-71796331-2&cid=880706429.1584230928&jid=1051468928&uid=74930295&gjid=518963873&_gid=49349807.1584230928&_u=YGBAgEAB~&z=40...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71796331-2&cid=880706429.1584230928&jid=1051468928&_v=j81&z=409144688
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71796331-2&cid=880706429.1584230928&jid=1051468928&_v=j81&z=409144688&slf_rd=1&random=1329006477

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71796331-2&cid=880706429.1584230928&jid=1051468928&_v=j81&z=409144688&slf_rd=1&random=1329006477

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71796331-2&cid=880706429.1584230928&jid=1051468928&_v=j81&z=409144688&slf_rd=1&random=1329006477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/851286855/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/851286855/?random=1584230928323&cv=9&fst=1584230928323&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg340&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward&tiba=Mystery%20Doug&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43e1329e9ddcdc4f9dcc0118240e4e265b17efc7c0a862ff49558999f5d685c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/763394716/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763394716/?random=1584230928325&cv=9&fst=1584230928325&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg340&sendb=1&ig=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Deducation%3Bid%3D288&frm=0&url=https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward&tiba=Mystery%20Doug&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b9a925daca21bf0af778102df4d7906fcaad769d0d61ab2c9495958de4ceaa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1078
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/763394716/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763394716/?random=1584230928326&cv=9&fst=1584230928326&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg340&sendb=1&ig=1&data=user_id%3D74930295&frm=0&url=https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward&tiba=Mystery%20Doug&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed12a1238d7f4d0a64e305e3ffc64e5cc2ceafe5663a5de80b8c8c9163fce6af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.a37a8bbc.js Show response
s.pinimg.com/ct/lib/ 45 KB
45 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.a37a8bbc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5e8923354dc828bba8fd3a84f1fed88a4b7095207803798b521710119bf347da

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
x-cdn: fastly
access-control-allow-origin: *
etag: "dca924303eac8ed14b9cb0fa8819af3d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
status: 200
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 46316
fastly-restarts: 1
access-control-expose-headers: X-CDN

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 42 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.15

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 10620
x-xss-protection: 0
pragma: public
x-fb-debug: Kd1AYZG9/NgT0IXTJeMcHcfd5nobnna4y5RU6TvPIKeLQmEsUIsENaZx6JLt7MB+t/U2/mzO6bKr46Al4Ita5Q==
x-fb-trip-id: 1850256238
date: Sun, 15 Mar 2020 00:08:48 GMT, Sun, 15 Mar 2020 00:08:48 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1847306248927532 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 73ms
73ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1847306248927532?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8eca3c823f8dd1f6c65dc1982ad142229b72585469ed214624dcbbf6f4fa1266

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: TzFBopp1MMqDk1COwDA0ytE42UUmCqdLg0NeyHWUYfodF4ZU0+8NOkoz8LIRlIDAJZteUh/9cbuy1B6Gsyg5pw==
x-fb-trip-id: 1850256238
date: Sun, 15 Mar 2020 00:08:48 GMT, Sun, 15 Mar 2020 00:08:48 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26069052&Ver=2&mid=87309a01-3371-8ba9-e539-ccffb1faae5a&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Mystery%20Doug&p=https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward&r=&lt=1074&evt=pageLoad&msclkid=N&rn=547735
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Sun, 15 Mar 2020 00:08:47 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 0B8807E2F03C4423BF643D12E351FF99 Ref B: FRAEDGE0517 Ref C: 2020-03-15T00:08:48Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 35 B
299 B 53ms
33ms XHR
image/gif 151.101.12.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613507069585&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1584230928348
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://mysterydoug.com/
Origin: https://mysterydoug.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
x-cdn: fastly
status: 200
content-type: image/gif
access-control-allow-origin: https://mysterydoug.com
access-control-expose-headers: Epik
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-pinterest-rid: 5362501707536418
x-envoy-upstream-service-time: 1
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
85 B 57ms
38ms Image
image/gif 151.101.12.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613507069585&ov=%7B%22np%22%3A%22gtm%22%7D&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1584230928349
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
x-cdn: fastly
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 5
content-length: 35
x-pinterest-rid: 1790404738619441
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
87 B 57ms
37ms Image
image/gif 151.101.12.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613507069585&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1584230928349
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
x-cdn: fastly
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 4793952419928959
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 290 KB
64 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ba72f2208eb6fa10d2c02e16f320253750e9494df0d2cf1f5ff07da27093f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: br
age: 3246
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 64882
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea4431-SEA, cache-fra19143-FRA
x-browser-version: 74
last-modified: Fri, 13 Mar 2020 17:55:08 GMT
x-timer: S1584230928.355046,VS0,VE0
etag: "5e6bc8fc-fd72"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 29

GET
H2 200 /
www.google.com/pagead/1p-user-list/851286855/ 42 B
110 B 21ms
21ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/851286855/?random=1584230928323&cv=9&fst=1584230400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg340&sendb=1&frm=0&url=https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward&tiba=Mystery%20Doug&async=1&fmt=3&is_vtc=1&random=429272033&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/851286855/ 42 B
110 B 21ms
21ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/851286855/?random=1584230928323&cv=9&fst=1584230400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg340&sendb=1&frm=0&url=https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward&tiba=Mystery%20Doug&async=1&fmt=3&is_vtc=1&random=429272033&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/763394716/ 42 B
110 B 22ms
21ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/763394716/?random=1584230928325&cv=9&fst=1584230400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg340&sendb=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Deducation%3Bid%3D288&frm=0&url=https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward&tiba=Mystery%20Doug&async=1&fmt=3&is_vtc=1&random=1792327339&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/763394716/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/763394716/?random=1584230928325&cv=9&fst=1584230400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg340&sendb=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Deducation%3Bid%3D288&frm=0&url=https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward&tiba=Mystery%20Doug&async=1&fmt=3&is_vtc=1&random=1792327339&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/763394716/ 42 B
110 B 22ms
21ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/763394716/?random=1584230928326&cv=9&fst=1584230400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg340&sendb=1&data=user_id%3D74930295&frm=0&url=https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward&tiba=Mystery%20Doug&async=1&fmt=3&is_vtc=1&random=1720825183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/763394716/ 42 B
110 B 19ms
19ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/763394716/?random=1584230928326&cv=9&fst=1584230400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg340&sendb=1&data=user_id%3D74930295&frm=0&url=https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward&tiba=Mystery%20Doug&async=1&fmt=3&is_vtc=1&random=1720825183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 00:08:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 19ms
7ms Image
image/gif 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mysterydoug.com/
Origin: https://mysterydoug.com
Sec-Fetch-Dest: image
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
via: 1.1 varnish, 1.1 varnish
age: 89649
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 1214
x-served-by: cache-sea4476-SEA, cache-fra19133-FRA
x-browser-version: 74
last-modified: Fri, 13 Mar 2020 22:56:53 GMT
x-timer: S1584230928.404860,VS0,VE0
etag: "5e6c0fb5-4be"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 3045

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1847306248927532&ev=PageView&dl=https%3A%2F%2Fmysterydoug.com%2F%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward&rl=&if=false&ts=1584230928437&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1584230928436.539253679&it=1584230928332&coo=false&rqm=GET

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT, Sun, 15 Mar 2020 00:08:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 15 Mar 2020 00:08:48 GMT

GET
H2 200 nr-1167.min.js Show response
js-agent.newrelic.com/ 26 KB
10 KB 24ms
7ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1167.min.js
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:48 GMT
content-encoding: gzip
x-amz-request-id: 9F168BA697B778D0
x-cache: HIT
status: 200
content-length: 10178
x-amz-id-2: yYgBioLjCplIhDxMZm/PKonf0xZGo/IH9CxBrQAf8lWo1+WyLnApygFOHARQZ+4eJQtQu20EMwQ=
x-served-by: cache-hhn4065-HHN
last-modified: Fri, 07 Feb 2020 23:39:55 GMT
server: AmazonS3
x-timer: S1584230929.617571,VS0,VE0
etag: "8155781ab74e51eee2ead2c1d5902e63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 8660

GET
H/1.1 200
OK f82b08443b373bd72258da30806852f1528f5a8f.m3u8 Show response
embedwistia-a.akamaihd.net/deliveries/ 2 KB
2 KB 136ms
116ms XHR
application/vnd.apple.mpegurl 2.16.186.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/f82b08443b373bd72258da30806852f1528f5a8f.m3u8?origin_v2=1
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d11acd3c82785f1c7009c38298277cdb40e5877ed2b09c67fc9bc8181eda6ef0

Request headers

Referer: https://mysterydoug.com/
Origin: https://mysterydoug.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Mar 2020 00:08:48 GMT
Access-Control-Request-Method: *
Connection: keep-alive
Alt-Svc: quic=":443"; v="48,46,43,39"; ma=93600
Content-Length: 1818
X-Served-By: bakeryaws-breadroute1e-orange4-haproxy
surrogate-key: f82b08443b373bd72258da30806852f1528f5a8f hls-segment
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=31226497
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Thu, 11 Mar 2021 10:10:25 GMT

GET
H/1.1 200
OK 1194573a89 Show response
bam.nr-data.net/1/ 57 B
275 B 439ms
112ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/1194573a89?a=19217370&v=1167.2a4546b&to=dFYMEUVfWF0GRhteTERNBxdOb1BeFlMbRkZSSxFKWVVD&rst=1521&ref=https://mysterydoug.com/&qt=2&ap=243&be=920&fe=1489&dc=1061&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1584230927110,%22n%22:0,%22f%22:235,%22dn%22:237,%22dne%22:237,%22c%22:237,%22s%22:242,%22ce%22:438,%22rq%22:438,%22rp%22:788,%22rpe%22:874,%22dl%22:798,%22di%22:1060,%22ds%22:1061,%22de%22:1074,%22dc%22:1488,%22l%22:1488,%22le%22:1490%7D,%22navigation%22:%7B%7D%7D&fp=1026&fcp=1026&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 x Show response
distillery.wistia.com/ 0
95 B 326ms
101ms XHR
text/plain 54.209.247.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.247.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-247-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysterydoug.com/
Origin: https://mysterydoug.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

status: 204
date: Sun, 15 Mar 2020 00:08:48 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: *

GET
H/1.1 200
OK seg-1-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/f82b08443b373bd72258da30806852f1528f5a8f.m3u8/ 218 KB
218 KB 91ms
91ms XHR
video/mp2t 2.16.186.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/f82b08443b373bd72258da30806852f1528f5a8f.m3u8/seg-1-v1-a1.ts
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 81fa7506ec9b60d668bc81ed714900717fb2a01bb53a7cbc3251bb60afc6b47f

Request headers

Referer: https://mysterydoug.com/
Origin: https://mysterydoug.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Mar 2020 00:08:48 GMT
Access-Control-Request-Method: *
Connection: keep-alive
Alt-Svc: quic=":443"; v="48,46,43,39"; ma=93600
Content-Length: 222968
X-Served-By: bakeryaws-breadroute1e-orange4-haproxy
surrogate-key: f82b08443b373bd72258da30806852f1528f5a8f hls-segment
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=31231631
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Thu, 11 Mar 2021 11:35:59 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
48 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mysterydoug.com/
Origin: https://mysterydoug.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryfM5VfZOG2UyOA40Y

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://mysterydoug.com
date: Sun, 15 Mar 2020 00:08:48 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
206 B 599ms
178ms XHR
text/html 54.244.82.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pipedream.wistia.com/mput?topic=metrics

Requested by

Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.82.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-82-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mysterydoug.com/
Origin: https://mysterydoug.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Mar 2020 00:08:49 GMT
x-content-type-options: nosniff
status: 200
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: *
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 20 KB
4 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0aa335d48cfcbe8eeb4230ff13829e9a4442a4505dfa3ffdb6b8217cf5723e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://mysterydoug.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 00:08:49 GMT
content-encoding: br
age: 3249
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 4392
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea4444-SEA, cache-fra19143-FRA
x-browser-version: 74
last-modified: Fri, 13 Mar 2020 17:55:08 GMT
x-timer: S1584230930.600282,VS0,VE0
etag: "5e6bc8fc-1128"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 37

OPTIONS
H/1.1 200
OK / Show response
fg8vvsvnieiv3ej16jby.litix.io/ 0
247 B 382ms
92ms XHR
text/plain 34.195.41.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.41.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-41-56.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://mysterydoug.com
Referer: https://mysterydoug.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 15 Mar 2020 00:08:53 GMT
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 0
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: POST, GET

POST
H/1.1 200
OK / Show response
fg8vvsvnieiv3ej16jby.litix.io/ 0
172 B 93ms
93ms XHR
text/plain 34.195.41.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.41.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-41-56.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysterydoug.com/
Origin: https://mysterydoug.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 15 Mar 2020 00:08:53 GMT
Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Methods: POST, GET

POST
H/1.1 200
OK 1194573a89 Show response
bam.nr-data.net/events/1/ 24 B
182 B 108ms
107ms XHR
image/gif 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/1194573a89?a=19217370&v=1167.2a4546b&to=dFYMEUVfWF0GRhteTERNBxdOb1BeFlMbRkZSSxFKWVVD&rst=11523&ref=https://mysterydoug.com/
Requested by: Host: mysterydoug.com
URL: https://mysterydoug.com/?g=74926533&r=74773796&s=internal-email-forward
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://mysterydoug.com/
Origin: https://mysterydoug.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://mysterydoug.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mysterydoug.com/	1970-01-19 08:03:52	Name: _hp2_ses_props.3987823424 Value: %7B%22ts%22%3A1584230928304%2C%22d%22%3A%22mysterydoug.com%22%2C%22h%22%3A%22%2F%22%2C%22q%22%3A%22%3Fg%3D74926533%26r%3D74773796%26s%3Dinternal-email-forward%22%7D
.mysterydoug.com/	1970-01-19 08:03:50	Name: _dc_gtm_UA-71796331-2 Value: 1
.mysterydoug.com/	1970-01-20 01:35:02	Name: _ga Value: GA1.2.880706429.1584230928
.mysterydoug.com/	1970-01-19 10:13:26	Name: _fbp Value: fb.1.1584230928436.539253679
.mysterydoug.com/	1970-01-20 01:35:02	Name: _hp2_id.3987823424 Value: %7B%22userId%22%3A%222443400902932265%22%2C%22pageviewId%22%3A%226863715982790846%22%2C%22sessionId%22%3A%227610352994124180%22%2C%22identity%22%3A%2274930295%22%2C%22trackerVersion%22%3A%224.0%22%2C%22identityField%22%3A%22Mystery%20Science%20ID%22%2C%22isIdentified%22%3A1%7D
mysterydoug.com/	1969-12-31 23:59:59	Name: loglevel Value: WARN
mysterydoug.com/	1970-01-19 08:04:05	Name: current_user_session_id Value: 102217332
.mysterydoug.com/	1970-01-20 01:35:02	Name: _hp2_props.3987823424 Value: %7B%22Membership%20Status%22%3A%22basic%22%7D
.mysterydoug.com/	1970-01-22 23:42:43	Name: _m_session_id Value: dDBPOGtTWGxTcDAzck1LeU9vZ1k4YmZVakd0Qm9wWFRubUlsYXczbEhNVGRoQndXWDBWT2JRbSt0ZjV1SHoxL2RiV09mejVxSUVNVmk0aXE0cGdYeWpMZzJXZWFsRzc0MnRoZ2ZKUXpTUlNySndETkRPRitDRXVFejRmeTVkK1FCOW14bWxybTVaM1NVYkEwcFpZUU9mNVEwQmF0SmorZXByQzlYMHl6WER2Zy9DZjRCUkNhOWpzd0tBM2U2U2g2TUxGNW9KOU9GQUk2RFRpN0s3YnlvS2xweHNSMnFXSjIwYmZRYUtkWTNiaFVHalBrK3Rick8rWU9jc1gzaXh5TE1xZDZ1R0hmaTFrYmY2UmpRcWl0K1dCNDVxV0VaN3gvWEVpK1h4b1NzYm1mNzdoa3FjQkFKOUtYeXFpMlVVUmY5eFJIVlJUUExKSE5WcE5aZnpSaGVnPT0tLXRlSUdLR2VRbHQrTjdYajJ3WjJRNWc9PQ%3D%3D--7ad3fb1715b1e3c1d8918d89b009eb725856819f
.mysterydoug.com/	1970-01-19 08:05:17	Name: _gid Value: GA1.2.49349807.1584230928
mysterydoug.com/	1969-12-31 23:59:59	Name: grade Value: 3
.mysterydoug.com/	1970-01-19 10:13:26	Name: _gcl_au Value: 1.1.123430680.1584230928

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://cloud.mysteryscience.com/raw/upload/assets/bugsnag-b67fcf5e328325cbe5350adcea8a8c212ae4868c8fb1b9392e30b89f1ff4538f.js(Line 2) Message: [bugsnag] Loaded!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
bat.bing.com
cdn.heapanalytics.com
cloud.mysteryscience.com
connect.facebook.net
ct.pinterest.com
distillery.wistia.com
embedwistia-a.akamaihd.net
fast.wistia.com
fg8vvsvnieiv3ej16jby.litix.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
heapanalytics.com
js-agent.newrelic.com
mysterydoug.com
mysteryscience.com
pipedream.wistia.com
s.pinimg.com
sessions.bugsnag.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.225.73.123
151.101.114.110
151.101.12.84
162.247.242.19
172.217.22.66
2.16.186.18
2600:1901:0:7a0b::
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:808::2003
2a00:1450:4001:808::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2004
2a00:1450:400c:c00::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::609
2a04:4e42:3::622
2a04:4e42:3::84
34.195.41.56
34.201.246.51
52.202.106.32
52.45.70.48
54.209.247.25
54.244.82.212
0944d67c4d96fe949834700d0cb784b99ee5b0b6205b0667d842ece155405df2
0aa335d48cfcbe8eeb4230ff13829e9a4442a4505dfa3ffdb6b8217cf5723e6c
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
2e3fc4c2c3b52756b4fad9421320f1abafab6a2f6e29a4829b9f5ffb4e9e13bc
332458d8d7043c9237ea48c995f93f4d47988640c7eea5f50d8c28e80323e77b
36869be8eec4bce6608690a10963c76af0e56d7e2ea0c6cf93d79f17c3642559
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38087e4c0d665240e647240e5ee373491272d3b8e2b7280e84cd7480f78cf486
3b9a925daca21bf0af778102df4d7906fcaad769d0d61ab2c9495958de4ceaa7
43e1329e9ddcdc4f9dcc0118240e4e265b17efc7c0a862ff49558999f5d685c0
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
4ba72f2208eb6fa10d2c02e16f320253750e9494df0d2cf1f5ff07da27093f0b
5552ec8e4eac99cb8552c133f848dc0c134247dadcee553c4332c55889bbf3a5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56fa605d0e8d48002ce834fe085ad6d4b599765281652c2c5fc2872b6f077098
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5ca968c4d856c4bb9ce881e6c16187e33462b959a317c1ce29419f957cb729d2
5e8923354dc828bba8fd3a84f1fed88a4b7095207803798b521710119bf347da
60dee30fbb522239142324aeb60131e28d3d8e4890cf5eabe7213df0506f98c2
6e2222db17553a1696e130232051e81622600045ccc834bb558f43c15542d2a3
7c2a6182bc6b056674c4d4ab1091d1bdef119408271bf266f25d5c35f3471f7d
7f37fd4944c1c56319b3b291b7613435fd7448227620d423f98fa33e4c7a07df
81fa7506ec9b60d668bc81ed714900717fb2a01bb53a7cbc3251bb60afc6b47f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
892933a134c1c9611c414f846f9cbb6bf5345e871d916543a1888d4247332224
8eca3c823f8dd1f6c65dc1982ad142229b72585469ed214624dcbbf6f4fa1266
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a1123bf6d18c659c866c5cce6dd62422bd48d4746c7bc218c3c8af26f041cbfc
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a8a5c752f8ae0c033572453cbb3240ca9047eae565ea1f3df7cb1ea67e9984d9
b67fcf5e328325cbe5350adcea8a8c212ae4868c8fb1b9392e30b89f1ff4538f
b759c122e0a67b1189e066205256c9e0f08fb3f805322e3c1ce1d3b317ed9aec
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c49b4eb3bbeb7440208f4d8951897ad53e76c1512642471bfb6b84024bee1c85
cba6deb636cb42f62ddfecd65b322db88e807624c3052e64d95cbe7914663e0f
d11acd3c82785f1c7009c38298277cdb40e5877ed2b09c67fc9bc8181eda6ef0
d12183924739a0c3a90d68d21aaa347e62a901671d5a836455935dda54bf0caf
d15d422a312b94cef72f275f0929524a1aa2cbaadb9175c4adb513ccfed10a03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ed12a1238d7f4d0a64e305e3ffc64e5cc2ceafe5663a5de80b8c8c9163fce6af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8

mysterydoug.com Open in urlscan Pro 34.201.246.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

56 %IPv6

22 Domains

27 Subdomains

27 IPs

5 Countries

1374 kBTransfer

3254 kBSize

12 Cookies

6 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mysterydoug.com Open in urlscan Pro
34.201.246.51 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

56 %
IPv6

22
Domains

27
Subdomains

27
IPs

5
Countries

1374 kB
Transfer

3254 kB
Size

12
Cookies

63 HTTP transactions
3 data transactions