urlscan.io logo urlscan.io
SecurityTrails logo

mind-activity.com Open in urlscan Pro
18.158.98.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cdn-4.mind-activity.com/
Effective URL: https://mind-activity.com/
Submission: On January 17 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 36 HTTP transactions. The main IP is 18.158.98.109, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is mind-activity.com.
TLS certificate: Issued by R3 on January 17th 2022. Valid for: 3 months.
This is the only time mind-activity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    192.0.78.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
cdn-4.mind-activity.com
6    18.158.98.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
mind-activity.com
8    192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
s0.wp.com
s1.wp.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3031::6815:496e (United States)

ASN13335 (CLOUDFLARENET, US)
ezodn.com
1    192.0.78.19 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
r-login.wordpress.com
2    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2600:9000:206f:8000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a8aa54cebf47012d839f40585e04c2ac.safeframe.googlesyndication.com
4    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
8 googlesyndication.com
a8aa54cebf47012d839f40585e04c2ac.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
37 KB
8 wp.com
s0.wp.com — Cisco Umbrella Rank: 6441
s1.wp.com — Cisco Umbrella Rank: 18418
113 KB
7 mind-activity.com
cdn-4.mind-activity.com
mind-activity.com
44 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
146 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
2 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1019
pixel.quantserve.com — Cisco Umbrella Rank: 424
10 KB
2 gstatic.com
fonts.gstatic.com
32 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
792 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 898
430 B
1 wordpress.com
r-login.wordpress.com — Cisco Umbrella Rank: 23659
292 B
1 ezodn.com
ezodn.com — Cisco Umbrella Rank: 8820
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
2 KB
36 12
Domain Requested by
7 s0.wp.com mind-activity.com
6 mind-activity.com 1 redirects mind-activity.com
ezodn.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 securepubads.g.doubleclick.net ezodn.com
securepubads.g.doubleclick.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 a8aa54cebf47012d839f40585e04c2ac.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 pixel.quantserve.com mind-activity.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com mind-activity.com
1 r-login.wordpress.com mind-activity.com
1 ezodn.com mind-activity.com
1 s1.wp.com s0.wp.com
1 fonts.googleapis.com mind-activity.com
1 cdn-4.mind-activity.com 1 redirects
36 18

This site contains links to these domains. Also see Links.

Domain
wordpress.com
Subject Issuer Validity Valid
mind-activity.com
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
*.wordpress.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-12 -
2022-11-14		 2 years crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://mind-activity.com/
Frame ID: 01408CA75D2AB0A1D8853D2601EFA166
Requests: 29 HTTP requests in this frame

Frame: https://r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9taW5kLWFjdGl2aXR5LmNvbQ%3D%3D&wpcomid=200746836&time=1642448698
Frame ID: 9BEE3DCB6F43AC20FBDEC6E3464EDCDD
Requests: 1 HTTP requests in this frame

Frame: https://a8aa54cebf47012d839f40585e04c2ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AB319C7EC5B794E859FCFD7D98C3E8E8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 36C96102C07795126A34E6A2A7AEC787
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6E5995A37600E97D48EA7B4B3D460C3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mind ActivityMind ActivityWordPress.com

Page URL History Show full URLs

  1. https://cdn-4.mind-activity.com/ HTTP 301
    http://mind-activity.com/ HTTP 301
    https://mind-activity.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

36
Requests

100 %
HTTPS

69 %
IPv6

12
Domains

18
Subdomains

15
IPs

2
Countries

388 kB
Transfer

1267 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cdn-4.mind-activity.com/ HTTP 301
    http://mind-activity.com/ HTTP 301
    https://mind-activity.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mind-activity.com/
Redirect Chain
  • https://cdn-4.mind-activity.com/
  • http://mind-activity.com/
  • https://mind-activity.com/
60 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mind-activity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
90c8cccc46bad6da9f1e81cdd02a13e47073d2237fbdd366b94977b12a9c7fbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 17 Jan 2022 19:44:58 GMT
display
orig_site_sol
expires
Sun, 16 Jan 2022 19:44:58 GMT
host-header
WordPress.com
pagespeed
off
response
200
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding Accept-Encoding,User-Agent
x-ac
2.hhn _dfw
x-ezoic-cdn
Miss
x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
x-middleton-display
orig_site_sol
x-middleton-response
200
x-origin-cache-control
no-cache, must-revalidate, max-age=0
x-sol
orig

Redirect headers

Cache-Control
public, max-age=2592000
Content-Type
text/html
Date
Mon, 17 Jan 2022 19:44:57 GMT
Display
staticcontent_sol, orig_site_sol
Location
https://mind-activity.com/
Pagespeed
off
Response
301
Server
nginx
Vary
Accept-Encoding User-Agent,Origin,Accept-Encoding
X-Ac
2.hhn _dfw
X-Ezoic-Cdn
Hit ds;mm;fcd777dbd321da86cc2292979ff492d4;2-321813-0;771f81e0-06a4-4d63-7970-ecd18f8c61a2
X-Middleton-Display
staticcontent_sol, orig_site_sol
X-Middleton-Response
301
X-Origin-Cache-Control
X-Sol
orig
Content-Length
162
/
s0.wp.com/_static/ 		149 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/_static/??-eJytUtFuwyAM/KERJ2067WXatwDxmDtDEIZW/P1IqmpZp0592AvS2dzpzjaco7JzyBgy+KIiF0dB4Bzt7JV4Yqw3qLMiT0Dw3lgCCe3MmDW0Kox933kKlx8b4auqKw0aTK51EsJp2HX7bgemEE9geLafiskknSpIroz/IZQ/0H8LUbBcJhQ4CnicSCO39pJ9AyLrikkxOm3rj0B36a23xQ9OYXXaxDBHvVjWdS5ZuUTTw/lvJJLOFJzcoW8WvMyt1X3Uv83/QbtcgjExoYhqr6fi1Trj9TDe/OvwPA5jPxxe9scv57DhoQ==?cssminify=yes
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
945368ce05e19e2303fd513d59498f475a1880f3a5aea02e62c43ffd6463d0f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
br
last-modified
Mon, 10 Jan 2022 23:55:12 GMT
server
nginx
etag
W/"61dcc760-255c2"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
2.hhn _dca
timing-allow-origin
*
expires
Wed, 11 Jan 2023 01:07:44 GMT
/
s0.wp.com/_static/ 		37 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/_static/??/wp-content/mu-plugins/comment-likes/css/comment-likes.css,/i/noticons/noticons.css?m=1436783281j&cssminify=yes
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
423a0f85fa7135f2313d8646df16701a715b58b00558b89ba758e2b7a773e336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
br
last-modified
Thu, 29 Nov 2018 13:53:33 GMT
server
nginx
etag
W/"5bffef5d-9278"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
2.hhn _dca
timing-allow-origin
*
expires
Thu, 10 Nov 2022 15:12:14 GMT
/
s0.wp.com/_static/ 		176 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/_static/??-eJx9j8EKwzAMQ39omTs22l3GviUNXuqR2CFxWvr3C+xSaOlNgichwZKME1ZkBZ0wYoFUR8g0E3sVhqJrwKsr5QLH6GwzWSB2f9QsyUncBWI1KVRPXMCjmCDOKrX6rTGfYCmfRTOOQXyTHhq1sWcDD7684+vWP7pueA73/vsDQ6thBQ==?cssminify=yes
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
3128fed0adccdbe8b3b1f830739be568f64c54002600ba81a1253665056bfe28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
br
last-modified
Tue, 21 Dec 2021 09:29:11 GMT
server
nginx
etag
W/"61c19e67-2c192"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
2.hhn _dca
timing-allow-origin
*
expires
Wed, 21 Dec 2022 09:29:23 GMT
css
fonts.googleapis.com/ 		29 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:thin,extralight,light,regular,medium,semibold,bold,italic,bolditalic,extrabold,black|Rubik:thin,extralight,light,regular,medium,semibold,bold,italic,bolditalic,extrabold,black|
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1c6660787e6c28148cf65932e5743f34616a05ff45f853636f5fc11abf48329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 19:44:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 19:44:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jan 2022 19:44:58 GMT
/
s0.wp.com/_static/ 		28 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/_static/??-eJzTLy/QTc7PK0nNK9HPLdUtyClNz8wr1i/ILy7RTctJzCzSL85ILMrMS4fResnFxTr62HUV5ydnJubo5uSn56NyQJrsc20NzYwtTE0NTC1NsgC9eivU?cssminify=yes
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5b2fb55270c60e2a2a58046c154b53898ee0cad3e1b4040287ebfc33b75e19a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
br
last-modified
Fri, 03 Dec 2021 16:56:38 GMT
server
nginx
etag
W/"61aa4c46-71a9"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
2.hhn _dca
timing-allow-origin
*
expires
Sat, 03 Dec 2022 17:00:30 GMT
/
s0.wp.com/_static/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7551cbecbf078a66df8f9d246d8b11c773247921f5ff0bbe601f0cf67e1e287b

Request headers

Referer
https://mind-activity.com/
Origin
https://mind-activity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
br
last-modified
Tue, 23 Nov 2021 21:55:38 GMT
server
nginx
etag
W/"619d635a-4b6b"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
2.hhn _dfw
timing-allow-origin
*
expires
Wed, 23 Nov 2022 21:55:42 GMT
/
s0.wp.com/_static/ 		51 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/_static/??-eJx9jkkOwjAMRS9EaqAqsEGcxUms4rZ2owwFbk8qJAQs2P3BT99wC8bNmkkzDAk8Lewo3JshbeCjkmLCVHrWBG4WqZGZeKS0Ml/BL5ivJPUsFAsLRsYVCJEF48MoLtxj5ln/zKEXVmMxgmDKFKsyOaIb31Osbir+9Uu1JJZ8U6HaX+S8O7TH7tTt2+3wBBniVsg=
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e3a7406f074267ca5bcc7ec737a1e2bad9096c4eddf8945c69de4dfda164740

Request headers

Referer
https://mind-activity.com/
Origin
https://mind-activity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
br
last-modified
Mon, 22 Nov 2021 12:47:19 GMT
server
nginx
etag
W/"619b9157-cd85"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
2.hhn _dfw
timing-allow-origin
*
expires
Tue, 22 Nov 2022 12:47:32 GMT
print.css
s0.wp.com/wp-content/themes/pub/varia/ 		3 KB
856 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/themes/pub/varia/print.css?m=1571655471h&cssminify=yes
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
8e936bc7ea3237bccefa2f3697cad469548e7de0812eb19c583ec5f91a6b948d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
br
server
nginx
etag
W/"5dad8f47-eed"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
2.hhn _dca
timing-allow-origin
*
expires
Thu, 10 Nov 2022 15:12:16 GMT
cmbv2.js
mind-activity.com/detroitchicago/ 		67 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mind-activity.com/detroitchicago/cmbv2.js?gcb=195-5&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y21-3y53-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x53
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a8da58204c60a9be72305471be7067aad31bc245e1cbf52877f6d4c02540a0ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public, max-age=31536000, public
x-robots-tag
noindex
400.woff2
s1.wp.com/i/fonts/recoleta/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.wp.com/i/fonts/recoleta/400.woff2
Requested by
Host: s0.wp.com
URL: https://s0.wp.com/_static/??-eJytUtFuwyAM/KERJ2067WXatwDxmDtDEIZW/P1IqmpZp0592AvS2dzpzjaco7JzyBgy+KIiF0dB4Bzt7JV4Yqw3qLMiT0Dw3lgCCe3MmDW0Kox933kKlx8b4auqKw0aTK51EsJp2HX7bgemEE9geLafiskknSpIroz/IZQ/0H8LUbBcJhQ4CnicSCO39pJ9AyLrikkxOm3rj0B36a23xQ9OYXXaxDBHvVjWdS5ZuUTTw/lvJJLOFJzcoW8WvMyt1X3Uv83/QbtcgjExoYhqr6fi1Trj9TDe/OvwPA5jPxxe9scv57DhoQ==?cssminify=yes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ac93a9e9e8db46bb89ede8e367d9f90b48970ed785be75eedbcfc348df68a092

Request headers

Referer
https://s0.wp.com/
Origin
https://mind-activity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 17 Jan 2022 19:44:58 GMT
x-ac
2.hhn _dfw
last-modified
Fri, 03 Sep 2021 12:58:42 GMT
server
nginx
etag
"61321c02-8380"
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
33664
expires
Thu, 10 Nov 2022 15:12:14 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:thin,extralight,light,regular,medium,semibold,bold,italic,bolditalic,extrabold,black|Rubik:thin,extralight,light,regular,medium,semibold,bold,italic,bolditalic,extrabold,black|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mind-activity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 17:56:19 GMT
x-content-type-options
nosniff
age
438519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 17:56:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:thin,extralight,light,regular,medium,semibold,bold,italic,bolditalic,extrabold,black|Rubik:thin,extralight,light,regular,medium,semibold,bold,italic,bolditalic,extrabold,black|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mind-activity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
281110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 13:39:48 GMT
saw.js
ezodn.com/detroitchicago/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ezodn.com/detroitchicago/saw.js?c=1
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7adfda53d25e934b2411334e9e30ab38a2c345575f5a4f576ef21d486812a9fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14985345
cf-ray
6cf214ccbe3e374b-MXP
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 28 Jul 2021 09:09:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmbORWBf336FNIFv4MeoxOSK4oQkt8xfSK%2Fd5jOKLrN5z99GzMWqmoIYkqD01VOyjlPtPj3UJyv2R3omq6Mc%2B2C7waNvx5NdUjH%2BaFZf7IHipgg2fkfOC68aAB%2FPXu4vQ5fj5aFmrG8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
remote-login.php
r-login.wordpress.com/ Frame 9BEE 		127 B
292 B 		Document
General
Check archive.org
Download Go to
Full URL
https://r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9taW5kLWFjdGl2aXR5LmNvbQ%3D%3D&wpcomid=200746836&time=1642448698
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e8db29bfa0f21f7773a2b4f537148593a013b7b1f3f71050d7573062977f986b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/

Response headers

server
nginx
date
Mon, 17 Jan 2022 19:44:58 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Cookie
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
content-encoding
br
x-ac
1.hhn _dfw
strict-transport-security
max-age=15552000
imp.gif
mind-activity.com/detroitchicago/ 		43 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-activity.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A321813%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A11%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2266dec023-55ba-4eea-7567-663afcf80354%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%2260326%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A47905%2C%22response_time_orig%22%3A233%2C%22serverid%22%3A%2218.157.76.18%3A22804%22%2C%22state%22%3A%22HE%22%2C%22t_epoch%22%3A1642448697%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fmind-activity.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A27%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/detroitchicago/cmbv2.js?gcb=195-5&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y21-3y53-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
47
expires
Sun, 16 Jan 2022 19:44:56 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/detroitchicago/cmbv2.js?gcb=195-5&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y21-3y53-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 24 Jan 2022 19:44:58 GMT
cmbdv2.js
mind-activity.com/detroitchicago/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mind-activity.com/detroitchicago/cmbdv2.js?gcb=195-5&cb=03-5y0c-5y18-4&cmbcb=20&sj=x03x0cx18
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1f9a55760c486613c8fd6ef1c58974113be5bc6efd3984b02aa646d5dd7929fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public, max-age=31536000, public
x-robots-tag
noindex
rules-p-31iz6hfFutd16.js
rules.quantcount.com/ 		3 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 22:10:09 GMT
via
1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
age
77690
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:50:24 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
BL3RPlXqeQMoVhmpNYQBfUk_qWPQi76lbGhEkaZ-y-NgJ_UZB_AH7w==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ezodn.com
URL: https://ezodn.com/detroitchicago/saw.js?c=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
37ffaf519d628423e1ea7147364a8d2af10c3b63f3ec5a9b598f989aeaafd74c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26979
x-xss-protection
0
server
sffe
etag
"1105 / 853 of 1000 / last-modified: 1642206167"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 17 Jan 2022 19:44:58 GMT
pixel;r=1478341336;labels=Domain.mind_activity_com%2CDomainId.321813;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fmind-activity.com%2F;uht=2;fpan=1;fpa=P0-280807957-1642448698405;pbc=;ns=0;ce=1;qjs=1;q...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1478341336;labels=Domain.mind_activity_com%2CDomainId.321813;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fmind-activity.com%2F;uht=2;fpan=1;fpa=P0-280807957-1642448698405;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=mind-activity.com;je=0;sr=1600x1200x24;dst=0;et=1642448698405;tzo=0;ogl=type.website%2Ctitle.Mind%20Activity%2Curl.https%3A%2F%2Fmind-activity%252Ecom%2F%2Csite_name.Mind%20Activity%2Cimage.https%3A%2F%2Fmindactivitydotcom%252Efiles%252Ewordpress%252Ecom%2F2021%2F12%2Fmind_activity_logo_250%252Epn%2Cimage%3Awidth.250%2Cimage%3Aheight.250%2Cimage%3Aalt.%2Clocale.en_US
Requested by
Host: mind-activity.com
URL: https://mind-activity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 19:44:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pubads_impl_2022011002.js
securepubads.g.doubleclick.net/gpt/ 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 19:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121009
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 Jan 2023 19:43:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		36 B
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mind-activity.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
5279d7bde6696488a75945cc956460155ac99cc573b2cae266f6456ef4464cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52
x-xss-protection
0
expires
Mon, 17 Jan 2022 19:44:58 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mind-activity.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mind-activity.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		449 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2808536822104909&correlator=1545738136943577&output=ldjh&impl=fif&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220117&iu_parts=1254144%3A22672553632%2Cezoic-30083&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x75&prev_scp=ga%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1642448698&dt=1642448698532&dlt=1642448698188&idt=324&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=302377745&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fmind-activity.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x75&msz=0x-1&ga_vid=1619613787.1642448699&ga_sid=1642448699&ga_hid=192616303&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c15ba8eb3ef50ac45eb59db7d16d581fa2f8bc230341bfe6a8f77c66136315ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
239
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mind-activity.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
fig
mind-activity.com/detroitchicago/ 		0
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-activity.com/detroitchicago/fig?m=eyJ0eXBlIjoibWNtYXV0aCIsImRJRCI6MzIxODEzLCJ1cmwiOiJodHRwczovL21pbmQtYWN0aXZpdHkuY29tLyIsInBuIjoiMTI1NDE0NCIsImNuIjoiMjI2NzI1NTM2MzIifQ==
Requested by
Host: ezodn.com
URL: https://ezodn.com/detroitchicago/saw.js?c=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-middleton-display
imp_sol
date
Mon, 17 Jan 2022 19:44:58 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
expires
Sun, 16 Jan 2022 19:45:01 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/json
container.html
a8aa54cebf47012d839f40585e04c2ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AB31 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a8aa54cebf47012d839f40585e04c2ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 17 Jan 2022 19:44:58 GMT
expires
Tue, 17 Jan 2023 19:44:58 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79aac870b5b4adf97950fab440651511aa9111cd14d1fbf8cbe03c62b819235e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8744
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 19:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jan 2022 19:44:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 36C9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 19:24:54 GMT
expires
Tue, 17 Jan 2023 19:24:54 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1204
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C6E5 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5483b728753b496e6a164782eb00c86d3cfd0436fa6fb7912d5982a9c749b0c7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-svUVDb0KqrqNW+/Hc5XVuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 17 Jan 2022 19:44:58 GMT
date
Mon, 17 Jan 2022 19:44:58 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-svUVDb0KqrqNW+/Hc5XVuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js
pagead2.googlesyndication.com/bg/ Frame 36C9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e8f18d77170af82f72cfb83f4cec093f5683a0fcffd8f126d9d2fce1a332f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 17:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
7045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13349
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Jan 2023 17:47:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C6E5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=2808536822104909&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 36C9 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kD0dGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 19:44:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=2808536822104909&bg=!xsWlxYHNAAaocxMpqHM7ACkAdvg8WlZRVvYmByKxJz5e0PU2D604WQRANEgv0Lqjw6DpL19UuOPJGwIAAABQUgAAAAJoAQcKAM3dsvtYKjRTE1PeI7VnCMS6lZb3tBg1NvpkDEzHzzc8zqz6a5iba-OpGymENj4ptbVLfm4G4UOKT-AA3sxoaNifk0rAZOdZXARU9kpGGE_SSAYdJ0U_Ipky2wAmXbYBWJh8Mk1Ee1T6YKsp0CSIos5Tryuyy-juVq4g8woFcfRTNQ974to6NJkdc2xht3psLgJ3C1ZNenSWGNNrKSjdL4TP3gGd_WTqDIdol4ASdY8Hhh1cK6WdFfImE6qckCR-roBZw_yE-eG5v6qlasNmmQKye9MLIyo3WRv3eub9idBH-3DAccTM5Z8xym66oJji5Y41NK0aPEXx2FSK695TMd0A_4Aq6qwUQ3tcAl4pLELc6V2tiCnvru4rPEH8Knf_ywrdLBTZrTXrnWdP4kQ_O3CS8NeRH4o_b7QePBgEdTWfwg8_vl-qw_ys-ZmUCYfZdq1W0eoFj-kbbGf-zPBLBaGOB-_vNob8geXK96yr9Fwrcvg9VEiDknsGvldiSX1SUCW_yjhekvGlI0ZS5d_4q02YcKvXKj6kD-qKYYw3Umr-ZVeNj7YGz6HIlfQAORfUVyWUIr8d4wletikyA93JrD_Lb4efFzcNLuCUCd1RR4XLxrrtQeTY2_w9B_5PPmYTrcd2qNXeTu4ZCxIpg8xDkbexgpcXofWGOErg9WGIcvC1IdJvMkb12GtuQz1RSJK2Yn1esm0aXGLk7kjkf4maA1pOCUGS1JQTrB-rgi6hZEKT_LqUPxAGLFTY1EVClfzigk02F4LCEUrJqyHPyPpbzr-7SjYDdQIrjW7wbf97Bld3UfmalDH6kXv3z-z518ng1oOLvR0B4cZ_E3Bn1bELamEW8MzgmKV1fqGaPAWj9dy1opixGgAXP6aFcTj_c9aH6CA6yHE2jKCF9-UpvrFotyK2aMyTZiQQmZYEFAhJSUXrbuNgQz-TZRTMHAd-KA3XcZFyo8VCXORCPNbwV3wJCfBulQ9FZ0HlDPpUYLheiiN0USmyXuT-ZCAqzR8Va3gWgyeKCIkSO5n2DsEWJYb5oEEX3zNTDwgTCXJGNVkGedwP4I4n4z1ZgTHrvp1TUOSZ2r1DW_1F8fTUDITJDMGeYpmC9jBqRC6zjs30t7ViT9Uf8Sl3Gv4k6LtXU97CIDkiJ4BhZSAAbRbTcHpReWNK6JRI4H0s8-mR8nGSXCfSa8IHVHCL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mind-activity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jan 2022 19:44:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| __ez string| wpcom_remote_login_extra_auth function| wpcom_remote_login_remove_dom_node_id function| wpcom_remote_login_remove_dom_node_classes function| wpcom_remote_login_final_cleanup object| wpcom_mobile_user_agent_info function| rltInvalidateToken function| rltInjectToken function| rltIsAuthenticated function| rltGetToken function| rltAddInitializationListener function| rltStoreToken function| rltInitialize string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable object| _ezaq string| _ezExtraQueries function| create_ezolpl function| attach_ezolpl string| _audins_dom number| _audins_did object| comment_like_text object| wpcom_img_zoomer object| detectZoom object| wp string| mobileStatsQueryString object| mcmAuth boolean| comment_likes_loaded function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString function| __ezDotData object| ezux function| _ez_TOS_TrackEvent function| ezocfol number| netStartTime function| hashCode function| ezogetrqbykey function| ezorqs function| ezorqe function| _fEzDt object| metricNameMap function| ezlogVital object| _qevents object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count function| ES6Promise function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst object| webVitals object| ct object| ezmt object| ezua object| ezuxgoals object| ezdent object| ezDenty function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| googletag object| ggeac object| google_js_reporting_queue number| indexKey undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| perf_vals object| GoogleGcLKhOms object| google_image_requests

13 Cookies

Domain/Path Name / Value
.mind-activity.com/ Name: ezoadgid_321813
Value: -1
.mind-activity.com/ Name: ezoref_321813
Value:
.mind-activity.com/ Name: ezosuibasgeneris-0
Value: bd1ae614400885e0806b270c9b8ff281
.mind-activity.com/ Name: ezoab_321813
Value: mod1-c
.mind-activity.com/ Name: lp_321813
Value: https://mind-activity.com/
.mind-activity.com/ Name: ezovuuidtime_321813
Value: 1642448698
.mind-activity.com/ Name: ezovuuid_321813
Value: 2cc1a0d0-d4b9-44bc-7729-5f63d4342251
.mind-activity.com/ Name: ezopvc_321813
Value: 1
.quantserve.com/ Name: mc
Value: 61e5c73a-69242-a3cba-d3fcf
.mind-activity.com/ Name: __qca
Value: P0-280807957-1642448698405
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.mind-activity.com/ Name: __gads
Value: ID=ba23e6c7a12ab931-228ed51722cd0008:T=1642448698:S=ALNI_Mb1THKi7hNkctxB8xS7S9NcI3JlDg
mind-activity.com/ Name: ezux_lpl_321813
Value: 1642448698669|66dec023-55ba-4eea-7567-663afcf80354|false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a8aa54cebf47012d839f40585e04c2ac.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn-4.mind-activity.com
ezodn.com
fonts.googleapis.com
fonts.gstatic.com
mind-activity.com
pagead2.googlesyndication.com
pixel.quantserve.com
r-login.wordpress.com
rules.quantcount.com
s0.wp.com
s1.wp.com
secure.quantserve.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
142.250.186.130
18.158.98.109
192.0.77.32
192.0.78.19
192.0.78.24
2600:9000:206f:8000:6:44e3:f8c0:93a1
2606:4700:3031::6815:496e
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:802::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1f9a55760c486613c8fd6ef1c58974113be5bc6efd3984b02aa646d5dd7929fb
2e3a7406f074267ca5bcc7ec737a1e2bad9096c4eddf8945c69de4dfda164740
3128fed0adccdbe8b3b1f830739be568f64c54002600ba81a1253665056bfe28
37ffaf519d628423e1ea7147364a8d2af10c3b63f3ec5a9b598f989aeaafd74c
423a0f85fa7135f2313d8646df16701a715b58b00558b89ba758e2b7a773e336
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
5279d7bde6696488a75945cc956460155ac99cc573b2cae266f6456ef4464cbc
5483b728753b496e6a164782eb00c86d3cfd0436fa6fb7912d5982a9c749b0c7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b2fb55270c60e2a2a58046c154b53898ee0cad3e1b4040287ebfc33b75e19a4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7551cbecbf078a66df8f9d246d8b11c773247921f5ff0bbe601f0cf67e1e287b
79aac870b5b4adf97950fab440651511aa9111cd14d1fbf8cbe03c62b819235e
7adfda53d25e934b2411334e9e30ab38a2c345575f5a4f576ef21d486812a9fb
8e936bc7ea3237bccefa2f3697cad469548e7de0812eb19c583ec5f91a6b948d
90c8cccc46bad6da9f1e81cdd02a13e47073d2237fbdd366b94977b12a9c7fbf
945368ce05e19e2303fd513d59498f475a1880f3a5aea02e62c43ffd6463d0f7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8da58204c60a9be72305471be7067aad31bc245e1cbf52877f6d4c02540a0ca
a8e8f18d77170af82f72cfb83f4cec093f5683a0fcffd8f126d9d2fce1a332f2
ac93a9e9e8db46bb89ede8e367d9f90b48970ed785be75eedbcfc348df68a092
c15ba8eb3ef50ac45eb59db7d16d581fa2f8bc230341bfe6a8f77c66136315ab
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e8db29bfa0f21f7773a2b4f537148593a013b7b1f3f71050d7573062977f986b
f1c6660787e6c28148cf65932e5743f34616a05ff45f853636f5fc11abf48329