Submitted URL: https://storage.googleapis.com/618f825580f4c5b/f08240b5f3428b3#cl/71329_md/1616/19772/7930/349/299673
Effective URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Submission Tags: @phish_report
Submission: On October 14 via api from FI — Scanned from FI

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3037::6815:21ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is departingmind.world.
TLS certificate: Issued by GTS CA 1P5 on October 4th 2023. Valid for: 3 months.
This is the only time departingmind.world was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 2 138.201.253.202 24940 (HETZNER-AS)
1 31.24.251.119 57271 (BITWEB-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
19 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 139.177.207.244 63949 (AKAMAI-LI...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
33 10
Apex Domain | Subdomains | Transfer
19 departingmind.world | departingmind.world | 258 KB
5 trk-essursta.com | trk-essursta.com — Cisco Umbrella Rank: 299460; event.trk-essursta.com — Cisco Umbrella Rank: 320108 | 3 KB
3 gstatic.com | fonts.gstatic.com | 68 KB
3 googleapis.com | storage.googleapis.com — Cisco Umbrella Rank: 439; fonts.googleapis.com — Cisco Umbrella Rank: 49; ajax.googleapis.com — Cisco Umbrella Rank: 405 | 35 KB
2 uk.net | artizena.uk.net | 1 KB
1 larkjings.com | larkjings.com | 720 B
1 unwaryslam.store | unwaryslam.store | 674 B
1 qudricsflops.com | qudricsflops.com | 423 B
33 8
Domain Requested by
19 departingmind.world qudricsflops.com
departingmind.world
4 event.trk-essursta.com trk-essursta.com
3 fonts.gstatic.com fonts.googleapis.com
2 artizena.uk.net 1 redirects storage.googleapis.com
1 larkjings.com ajax.googleapis.com
1 trk-essursta.com departingmind.world
1 ajax.googleapis.com departingmind.world
1 fonts.googleapis.com departingmind.world
1 unwaryslam.store 1 redirects
1 qudricsflops.com artizena.uk.net
1 storage.googleapis.com
33 11

This site contains no links.

Subject | Issuer | Validity | Valid
storage.googleapis.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
qudricsflops.com | R3 | 2023-08-19 - 2023-11-17 | 3 months
departingmind.world | GTS CA 1P5 | 2023-10-04 - 2024-01-02 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
trk-essursta.com | GTS CA 1P5 | 2023-08-21 - 2023-11-19 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
larkjings.com | R3 | 2023-10-11 - 2024-01-09 | 3 months

This page contains 1 frames:

Primary Page: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Frame ID: 77E9D2971CA88249A4D28298E81DC883
Requests: 31 HTTP requests in this frame

Page Title

TitanSpins

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 33
HTTPS: 97 %
IPv6: 73 %
Domains: 8
Subdomains: 11
IPs: 10
Countries: 3
Transfer: 366 kB
Size: 4182 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/618f825580f4c5b/f08240b5f3428b3 Page URL
  2. http://artizena.uk.net/ Page URL
  3. http://artizena.uk.net/cl/71329_md/1616/19772/7930/349/299673 HTTP 302
    https://qudricsflops.com/0/2/6704/8bf2cd749923b8844cbec383eb73077a/1616/71329_1/349_299673_19772_616056_md Page URL
  4. https://unwaryslam.store/?s1=350960&s2=1070094376&s3=2543&s10=1404 HTTP 302
    https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://artizena.uk.net/cl/71329_md/1616/19772/7930/349/299673 HTTP 302
  • https://qudricsflops.com/0/2/6704/8bf2cd749923b8844cbec383eb73077a/1616/71329_1/349_299673_19772_616056_md

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
f08240b5f3428b3
storage.googleapis.com/618f825580f4c5b/
103 B
588 B
Document
General
Full URL
https://storage.googleapis.com/618f825580f4c5b/f08240b5f3428b3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
103
content-type
text/html
date
Sat, 14 Oct 2023 15:54:19 GMT
etag
"dca586aafca8387f96b9ef039212839f"
expires
Sat, 14 Oct 2023 16:54:19 GMT
last-modified
Fri, 19 Nov 2021 14:50:50 GMT
server
UploadServer
x-goog-generation
1637333449991940
x-goog-hash
crc32c=BiUORA== md5=3KWGqvyoOH+Wue8DkhKDnw==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
103
x-guploader-uploadid
ADPycdv-5lJ7YDFRSGHN45M-ptG3_UkL8Z-qH2mzu-To5-VL1kH8CKMopS7TI-g8DABaZzBUPf4As_F0q4VwVXuplpV0tg
/
artizena.uk.net/
420 B
681 B
Document
General
Full URL
http://artizena.uk.net/
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/618f825580f4c5b/f08240b5f3428b3
Protocol
HTTP/1.1
Server
138.201.253.202 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.202.253.201.138.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
420
Content-Type
text/html; charset=UTF-8
Date
Sat, 14 Oct 2023 15:54:19 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By
PHP/7.1.33
349_299673_19772_616056_md
qudricsflops.com/0/2/6704/8bf2cd749923b8844cbec383eb73077a/1616/71329_1/
Redirect Chain
  • http://artizena.uk.net/cl/71329_md/1616/19772/7930/349/299673
  • https://qudricsflops.com/0/2/6704/8bf2cd749923b8844cbec383eb73077a/1616/71329_1/349_299673_19772_616056_md
129 B
423 B
Document
General
Full URL
https://qudricsflops.com/0/2/6704/8bf2cd749923b8844cbec383eb73077a/1616/71329_1/349_299673_19772_616056_md
Requested by
Host: artizena.uk.net
URL: http://artizena.uk.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
31.24.251.119 , France, ASN57271 (BITWEB-AS, RU),
Reverse DNS
235019.bitweb.ru
Software
Apache /
Resource Hash

Request headers

Referer
http://artizena.uk.net/#cl/71329_md/1616/19772/7930/349/299673
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

content-length
129
content-type
text/html; charset=UTF-8
date
Sat, 14 Oct 2023 15:54:20 GMT
server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
163
Content-Type
text/html; charset=UTF-8
Date
Sat, 14 Oct 2023 15:54:19 GMT
Keep-Alive
timeout=5, max=99
Location
https://qudricsflops.com/0/2/6704/8bf2cd749923b8844cbec383eb73077a/1616/71329_1/349_299673_19772_616056_md
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By
PHP/7.1.33
Primary Request fc8ef6c6f765dceb829161fd41c87eb4
departingmind.world/
Redirect Chain
  • https://unwaryslam.store/?s1=350960&s2=1070094376&s3=2543&s10=1404
  • https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
28 KB
8 KB
Document
General
Full URL
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Requested by
Host: qudricsflops.com
URL: https://qudricsflops.com/0/2/6704/8bf2cd749923b8844cbec383eb73077a/1616/71329_1/349_299673_19772_616056_md
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ecf7ca729c55cc8d4e5450d3b8fd4878b050a9f746778c3f454576fcc8effaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qudricsflops.com/0/2/6704/8bf2cd749923b8844cbec383eb73077a/1616/71329_1/349_299673_19772_616056_md
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8161001ccceb2d68-ARN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 14 Oct 2023 15:54:22 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yN3zP3veUEWRMNh5VdcWPyqlZYackF8euXhyf3E2ZJNoHK3rjfkro6WuxWke3fNhL4M35tXhq9yuQYsHpfESNmimsp4tDXV0So70%2FEc5y6HvRzbFDEGzwJqx9CI%2Fo5ON46FegSFDlITeExvrVgoyxvIO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
81610018086d4c8a-HEL
content-type
text/html; charset=UTF-8
date
Sat, 14 Oct 2023 15:54:21 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omr4WX80GuyPvvth%2B0Iv1I2%2FFOYv3AFytDY9hdH0QEAyKZlAs7xBzvTKPgDlgw8YxR6rSZ3moOruxutXgQXnbhQAqHpDVjuUOLUL0ih9Zmesz7WuTqo0BCG6l3h%2BJYk93HaaldKEPF0gVgmy%2Fdu5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
departingmind.world/fim/d03ed89a5448364844a89ccb418330d6/
118 KB
20 KB
Stylesheet
General
Full URL
https://departingmind.world/fim/d03ed89a5448364844a89ccb418330d6/bootstrap.min.css
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11982020059ca1e3529e154b058c4680091c7ae67d339b7ba2cbf77f99210a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v2/assets/bootstrap.min.css"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9nfHgJsIADedByLkP%2F%2FaSlSlIgZJZaYdodsG2y4rylWhw8cEtT1M9yQc9NcYKQZEcp9TU7dgaCjl9H6e3raE2W5%2F1WuqjF6CKH8EIUzNcWSWtbEWRWFDze5DuKj%2F4BhYDz5FeyjWJVN%2B5%2BJ6%2FbYP5nN"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
81610021cb182d68-ARN
expires
Thu, 19 Nov 1981 08:52:00 GMT
css
fonts.googleapis.com/
4 KB
880 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ecab19181cc1d7980c6b9eb7a269182b3da33a563686e861322920e427d06e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 14 Oct 2023 15:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Oct 2023 15:54:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Oct 2023 15:54:22 GMT
style.css
departingmind.world/fim/d03ed89a5448364844a89ccb418330d6/
12 KB
3 KB
Stylesheet
General
Full URL
https://departingmind.world/fim/d03ed89a5448364844a89ccb418330d6/style.css?v=1697298862
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cab5ca97c9254fcb30135597d8b39830db2559ebdd272c6409acdde6ae397b80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v2/assets/style.css"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdllMhHTmCKcWxOxOtylWga0TXAMMDjGUp%2FAiBxjO%2FoGSHreK1qyL9L9S%2FFD2Rq%2F20ugF9N2HEN1GPvXSBb5T6BLPxU%2FMN2qtDGLjsL4Ht2NMw9FnKVXLW2zHxHhWay5JSWiW%2B3kEnLbmL7gBNw136Hc"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
81610021cb1a2d68-ARN
expires
Thu, 19 Nov 1981 08:52:00 GMT
msg.v3.js
departingmind.world/inc/
2 KB
1 KB
Script
General
Full URL
https://departingmind.world/inc/msg.v3.js?652ab9ae3e10d
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448b2102656fc14a1cd8cc0e30a1d41aca27281ed91b00fb7cf5a23c7d8f8749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 11 Jul 2023 21:35:45 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oV3uqqPmM9%2Bv%2FCEG%2FnztUC%2BP5u4AKXqCvCzayHDfVbt20Yn3xT%2BwBuqT6N3IQhh%2FeVU1jhJonoY%2FcvDmR%2FQ48OuB%2BWAnySiiG2JqxXDQWSWbEjxfG8WwfrUnxmX4m6ytwUIQqrn65qjUveFX0bKv3MHg"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
81610021cb1e2d68-ARN
expires
Sat, 21 Oct 2023 15:54:22 GMT
5270033438cac5574656c146fd2c2735.png
departingmind.world/fim/1404/
39 KB
39 KB
Image
General
Full URL
https://departingmind.world/fim/1404/5270033438cac5574656c146fd2c2735.png
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d1f02aa6ba8768f4e5cb10cadf475f714479cd2dc925fe922ef61431dc4cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:22 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
39898
x-xss-protection
1; mode=block
last-modified
Sat, 14 Oct 2023 14:57:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yq3dsqcc%2B07SQnxSjMru8g5tFswaNfMzpLPib9zfqnBSVm7%2FWTQMpDiEk21S5mCc0%2Bw1HNCCwG%2FFGTMH8q1Z3Ocm96AJn%2Fs4bKZqSXeMtQZfxgu%2Bat8PHV%2F7DZ%2Fuaz4lB9U550YVz7Lw1p8%2B9lKU9iDQ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81610021cb202d68-ARN
expires
Sat, 21 Oct 2023 15:54:22 GMT
370fb14abbcb8b738457f8e202b510e2.png
departingmind.world/fim/1404/
24 KB
24 KB
Image
General
Full URL
https://departingmind.world/fim/1404/370fb14abbcb8b738457f8e202b510e2.png
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f255fe4742c1ef8931c9e6686b091aff09f2522bacff1c069376ec5aae853792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:22 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
24575
x-xss-protection
1; mode=block
last-modified
Sat, 14 Oct 2023 14:57:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UvPvUO5rXw8bf4rbZsmpBZsy8oq360SsUjgQ1qtlEJz7f70LsLtHsk1w%2BGOpyFBUhDN4%2B%2BCiWVt5r%2FooVzRNWLZ%2F3%2FOrBhIXreGp7B1C1lEvne0b8DDtCldgcak1NH8G0Yp4Q%2FU8agIU7SMSmb8Sf4%2F"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81610021cb212d68-ARN
expires
Sat, 21 Oct 2023 15:54:22 GMT
1e98c114497175e6ac7c7f01f0394913.png
departingmind.world/fim/1404/
3 KB
4 KB
Image
General
Full URL
https://departingmind.world/fim/1404/1e98c114497175e6ac7c7f01f0394913.png
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f35704d0bd4b1f7c1da4844418ea46091f70cefb86d050a6aac350d9605779d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:23 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3458
x-xss-protection
1; mode=block
last-modified
Sat, 14 Oct 2023 14:57:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mcv5AN4PboKT0Zoyo%2FHWHbqbRHHodxeJAgLKq33pGY96n%2BgGfHAzShAjnbDFhsgRo5lQzS42xPrWY%2Bdosg6wOUqB3jAQtAeK%2BvLHLObC%2FuIERf9625kFQhGP%2BYTBu8ubDYdQkDKyJaf8zyoE4o2I8x0G"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8161002548d6d957-HEL
expires
Sat, 21 Oct 2023 15:54:23 GMT
707c0411f47f757e7146516950a8bc4c.png
departingmind.world/fim/1404/
4 KB
4 KB
Image
General
Full URL
https://departingmind.world/fim/1404/707c0411f47f757e7146516950a8bc4c.png
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d0832ebd7dc54e2ddf831ff23de969788279857cb659172929889389c4291c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:23 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3661
x-xss-protection
1; mode=block
last-modified
Sat, 14 Oct 2023 14:57:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IONDpPKErJ3sqcamrySlmz7Gj8P5e3Y00Q6%2FurRiP88FBvs8gsQG1MLdw6KtKT%2FpOedaDhX34J%2FaDqEIN5nJPUAw1Vk5Ym9mgJym3dyRV7gGwfjvdCGgkqJ%2BWXXau%2B3GCCH6%2BXkqU3tYAaUqzCkp3UkJ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81610025fa7bd957-HEL
expires
Sat, 21 Oct 2023 15:54:23 GMT
c145dccfdf84fe483fa66e2d530c665f.png
departingmind.world/fim/1404/
4 KB
4 KB
Image
General
Full URL
https://departingmind.world/fim/1404/c145dccfdf84fe483fa66e2d530c665f.png
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7195c7c88d7ec9eef6c013593d20ec2dba28a76bff85cdaa465a4e1cdd82184b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:23 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3613
x-xss-protection
1; mode=block
last-modified
Sat, 14 Oct 2023 14:57:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbk18tuo0gqvG7dlOgstJSnNgMMGzUG9caGMUNJXNCCbSpUQVFonvuhzmEhvd5f6%2Fukd7RUeCqZFfAKlMZNUlgbou%2Fdw%2BDhrFFLs5UwNGMejyWqnyt7cl4avcqwpI4ywUPd3DfMHn3C6iov7DkfxP0t7"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81610026fce6d957-HEL
expires
Sat, 21 Oct 2023 15:54:23 GMT
7e74a8c1a93c20785baaec16545995a3.png
departingmind.world/fim/1404/
12 KB
12 KB
Image
General
Full URL
https://departingmind.world/fim/1404/7e74a8c1a93c20785baaec16545995a3.png
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b4f4c131c2f2f4b969f2baf134b6967abb6a2c48f52b4d88bad971a44dbe90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:23 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
12169
x-xss-protection
1; mode=block
last-modified
Sat, 14 Oct 2023 14:57:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nL1jdW1sZl4U8V0HB6BFRJihj6QnB6yvmtNAVJjy2EtR%2FTeL4rqAByk4SDf2Ho3GqSx9X%2B3cmfrZeXCISbk3CEM4IbnSc6Sp2yLiFoXfEE0pFrppaxWklEhM9mlVumdhcJIKwSdGtPLLtrZrf7FOqjr1"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
816100270d09d957-HEL
expires
Sat, 21 Oct 2023 15:54:23 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 15:32:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87711
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 15:32:32 GMT
bootstrap.js
departingmind.world/fim/d03ed89a5448364844a89ccb418330d6/
0
636 B
Script
General
Full URL
https://departingmind.world/fim/d03ed89a5448364844a89ccb418330d6/bootstrap.js?v=1.0
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:23 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v2/assets/bootstrap.js"
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
text/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21p%2BuXP3aWauWer%2BwKjyjSw%2FsXNXyCOJ%2BG3qjlen%2F4%2FZsK4iFa0SNgknrrVtkfvj8KpYN2B5VD4OCssMBaMzi6%2FzL3j0VDVkARG1zywrL2xm3rSccT%2FnJ6RZVSoZuor1q59VyUbb7NDI1ZRsgHt2Gyz3"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
cf-ray
816100270cf7d957-HEL
expires
Thu, 19 Nov 1981 08:52:00 GMT
common.js
departingmind.world/fim/d03ed89a5448364844a89ccb418330d6/
4 KB
2 KB
Script
General
Full URL
https://departingmind.world/fim/d03ed89a5448364844a89ccb418330d6/common.js
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
493de67d2d0039bd9c5f3b849dfe4a44b1ba448d4d0c911b0be5dc7227c55e81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v2/assets/common.js"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNC7np85D0dWm165jWHzxo3eUb6%2Fy3nA%2B5gyrePgQRRxetAn0veALs45oOqCbE%2BIRtxAXaFhY9vTtlv4riLzGmTdetDZIBZc2gMRIpX9jwxTMbCZpOOUtUS16XKbm%2F8bXS8%2BLv2zjYqHmpfoRD0xExks"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
816100270d00d957-HEL
expires
Thu, 19 Nov 1981 08:52:00 GMT
functions.js
departingmind.world/templates/assets/
2 KB
1 KB
Script
General
Full URL
https://departingmind.world/templates/assets/functions.js?v=1697298862
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
758616bfa53c764b803516a1cd9f496a6e010d917d01ef3b2b80dc7e2ed75c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 30 Aug 2023 20:01:27 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9%2BUpNtanKHKGC1Pu4HfhSXKTKZmeQLOoed9nk78rfiO1YFNjLpEk1kzdtlt9X%2BpLf%2BURKjBv1iHcnPC1%2FvEGBbMS0jC16B50qut75b8q4M87znUuL%2FBab1hz59FlrkLiMZzB%2FRhDxz5uNbJFN6RiDEp"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
816100270d04d957-HEL
expires
Sat, 21 Oct 2023 15:54:23 GMT
v9e118mez8
trk-essursta.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-essursta.com/scripts/push/v9e118mez8
Requested by
Host: departingmind.world
URL: https://departingmind.world/inc/msg.v3.js?652ab9ae3e10d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65c15e3af0d349af61501f7749076aacef349171d95638bb475f800d8367084
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:23 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRGtmCo%2FCAW41mftVfqzehppX1oH%2BSpNs2o8MKNT%2Byuzn9pkwm%2FmdiSHJu9Kuu3qtHf%2BySc3GM0z3HA4msRVks7yRIP%2Bl37Cr%2FACuXjgsYQSeLZB7iCg8SBZ1VDZvy2lX8iqeqNLRBBJKC2yEvvm"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
816100277b904c8a-HEL
expires
0
0f9287853a396ed9d35d3ff01482e935.jpg
departingmind.world/fim/1404/
71 KB
71 KB
Image
General
Full URL
https://departingmind.world/fim/1404/0f9287853a396ed9d35d3ff01482e935.jpg
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5af8eb61164cca569568bb63bb183a5caf9e575b5c708c8df98850ac9395ab4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:23 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
72488
x-xss-protection
1; mode=block
last-modified
Sat, 14 Oct 2023 14:57:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBN7erSwWB5PNkAkHumKVsE%2FkWGNSLVjtXKNrZum4YRddiAwQc9gx395yme4wisPz5TrH6ykSQHft0cA5KQupQ3a4vf6A15yHMVqfljmugHV8J3yUGo%2FivfhWYCh18YxFq8EtSetYR0MSVTdAjpPZT9P"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
816100271d19d957-HEL
expires
Sat, 21 Oct 2023 15:54:23 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://departingmind.world
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 03:38:46 GMT
x-content-type-options
nosniff
age
216937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 03:38:46 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://departingmind.world
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:54:52 GMT
x-content-type-options
nosniff
age
169171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 16:54:52 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://departingmind.world
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 21:39:44 GMT
x-content-type-options
nosniff
age
152079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 21:39:44 GMT
bg-video-cut.mp4
departingmind.world/views/casino/titanspins-casino-us-v2/assets/
34 KB
0
Media
General
Full URL
https://departingmind.world/views/casino/titanspins-casino-us-v2/assets/bg-video-cut.mp4
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Accept-Encoding
identity;q=1, *;q=0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 14 Oct 2023 15:54:23 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-5401860/5401861
alt-svc
h3=":443"; ma=86400
Content-Length
5401861
x-xss-protection
1; mode=block
last-modified
Fri, 06 Oct 2023 13:30:11 GMT
server
cloudflare
vary
User-Agent,User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
video/mp4
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Sr5tD4SYN0pHE8p8%2BkVZCIef0Xu8aLIJk2d%2BzXLK5OqDbQhlwtB24%2FGMUOH5oipZApNdSaweHNieTe1KGVm5RKqIsrXNVS%2F4KTqutDjt4tnjY1oRvqAmnL88bopVMcFB5Q36gzYwWgA%2BZ6WbeSQFJay"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
816100273d6cd957-HEL
fc8ef6c6f765dceb829161fd41c87eb4
departingmind.world/
25 B
585 B
XHR
General
Full URL
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Requested by
Host: departingmind.world
URL: https://departingmind.world/inc/msg.v3.js?652ab9ae3e10d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 14 Oct 2023 15:54:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzIJteolplcEFD3OsjYh702wZEa9Tov6zDnWhrDD%2FntaHBua8vQ02IkoOlk5j%2BTVgFmTbwipYi8CJVZz%2BX5CMS1%2FAuz8gZJnrd7JbubawmCh8A%2B58pkKPlRBc9QixTxdydLCU8LEcaf8L4L4aKwne3MB"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8161002a3bd0d957-HEL
expires
Thu, 19 Nov 1981 08:52:00 GMT
bg-video-cut.mp4
departingmind.world/views/casino/titanspins-casino-us-v2/assets/
59 KB
60 KB
Media
General
Full URL
https://departingmind.world/views/casino/titanspins-casino-us-v2/assets/bg-video-cut.mp4
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc9f45e2088355aa59367f8fcc15dacdd2f555c657204e304d3c7e483507869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Accept-Encoding
identity;q=1, *;q=0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=5341184-

Response headers

date
Sat, 14 Oct 2023 15:54:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
Content-Range
bytes 5341184-5401860/5401861
alt-svc
h3=":443"; ma=86400
Content-Length
60677
x-xss-protection
1; mode=block
last-modified
Fri, 06 Oct 2023 13:30:11 GMT
server
cloudflare
vary
User-Agent,User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
video/mp4
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5A7x53IpGoLtvhi307zuHhndAj%2FKpYF0QVRTO6xT24t8AqkEk3D4T4CE%2FuPIgMiXHdSezq4YXxSmYtJa6T0yDcKk2oWvZNaH8TlXTUeo7Xnv%2BWKhBZAQ%2Fbjdnf%2F%2Fz%2B5JvrmoSJxPyJ1J%2F9jkZNF1baA"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8161002a3bd5d957-HEL
bg-video-cut.mp4
departingmind.world/views/casino/titanspins-casino-us-v2/assets/
4 MB
0
Media
General
Full URL
https://departingmind.world/views/casino/titanspins-casino-us-v2/assets/bg-video-cut.mp4
Requested by
Host: departingmind.world
URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Accept-Encoding
identity;q=1, *;q=0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=32768-

Response headers

date
Sat, 14 Oct 2023 15:54:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
Content-Range
bytes 32768-5401860/5401861
alt-svc
h3=":443"; ma=86400
Content-Length
5369093
x-xss-protection
1; mode=block
last-modified
Fri, 06 Oct 2023 13:30:11 GMT
server
cloudflare
vary
User-Agent,User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
video/mp4
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9G4Bgo1bP70LJvvUPnl9Ijxv5GFdEThPGXlgpsIRkUkzVUD4a5Eezmbl9ttK4HC5roQJPLc8kdeD8Ny2Piga9skgZf9bpf%2BRZw93lQCGQbj9lzbIpGUmwwiwxeRbg1YPZDtwMt3OuzzZXOdifdg5FTW"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8161002abce2d957-HEL
survey
larkjings.com/
698 B
720 B
XHR
General
Full URL
https://larkjings.com/survey
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.177.207.244 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
139-177-207-244.ip.linodeusercontent.com
Software
imunify360-webshield/1.21 /
Resource Hash
10f187dfea519b30efdfa6941cb1f1581bfddc7c599379a1324dd6711ffea0f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://departingmind.world/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 14 Oct 2023 15:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
imunify360-webshield/1.21
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, max-age=0, no-cache
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
296
x-xss-protection
1; mode=block
v9e118mez8
event.trk-essursta.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://departingmind.world
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8161002cbef7d912-HEL
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
date
Sat, 14 Oct 2023 15:54:24 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZsr5BeVQAoU8PSapWJaxD6vFYIrTW7NS7RQnQAyPJEt1r30qV3F5j8UZ25zp%2ByW9JNAVboihd6OEmvLTGLFFfkyidsOf%2B6zQlgPOQEyAwpFD%2FDLchzm3%2FM9qyuY%2Bw61%2FXfcuFjdOmqTcGNPnkoB641uu8FG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-essursta.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Requested by
Host: trk-essursta.com
URL: https://trk-essursta.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://departingmind.world/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sat, 14 Oct 2023 15:54:24 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Q3fkSjYGCKyi6raeoMeDwMQVMOw2o6ATOxdLzR5T21ZOXD4j9k%2B5H4cdsVw3dYWUoLHgPgoYCSY3AX6efJasDSpNmERTW9SXuJTySgFI%2Bb8Oetc3zvkhefwKw3DeykkxkvGPlHlyRc5BJs%2BfXSK%2B04C104Y"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8161002f6cf8d912-HEL
x-pushplatformapp-params
v9e118mez8
event.trk-essursta.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://departingmind.world
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8161002cbefdd912-HEL
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
date
Sat, 14 Oct 2023 15:54:24 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBb6ce5mBt%2FlM2XL1NK1%2BACvF4h6vwvtBPpMXY1WELhmakZvK9xW6MPa64yLEcjmMFHOzQ9BGcg161LPV0HKRTL8ENf8%2FZSAv6maUaRQFQo7C74h4mFRLcZ4dS%2F%2FGhn68oGKQjZuZ6hKwMzl%2BBsbxPw1qU37"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-essursta.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Requested by
Host: trk-essursta.com
URL: https://trk-essursta.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://departingmind.world/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sat, 14 Oct 2023 15:54:24 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVFG%2F9Z%2FpRlKVNAzD4WCkkhhJ9UrotKePFtzoWEPcv7kvnNpKxPoTZQbPIpqJIvV8jOq8nAWx2rJGoEIzbI9a1Q6F9UT0qg4guklTPImaazv40K2UJPzk%2FrNdhZNcesO3ecRWyvtlUx8rnogN3%2FtZ0j482pZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8161002f6d04d912-HEL
x-pushplatformapp-params
c83587b11c2442d74ff6c930c8346748.png
departingmind.world/fim/1404/
1 KB
2 KB
Image
General
Full URL
https://departingmind.world/fim/1404/c83587b11c2442d74ff6c930c8346748.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:21ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcc3c91f6e26d1f05dd92f6cf293b0ca557d14a98fe2d7e765812e4184949c5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 15:54:24 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1312
x-xss-protection
1; mode=block
last-modified
Sat, 14 Oct 2023 14:57:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHvVWDbn8HUj%2BJH7kDdDofDYvXuVigKCT3qsJnjLycHRGKwQeWuut%2BXBbYYctraXcjyoehal%2BjaF0vCQB9CHnboh1siOJ%2BZOE5v%2Btq6vDVanx8AeBPG10BaeYKP1vbroSe62Lx%2Fw2PT8KLmJ66ksRWCa"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8161002f5ec7d957-HEL
expires
Sat, 21 Oct 2023 15:54:24 GMT

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| change
function| pushCount
object| MYCALL
string| s1
string| s2
string| fp
string| esource
string| pshpub
string| pshdomain
string| pshfingerprint
string| LNG
string| CMP
string| CNT
string| BID
string| FNP
string| SID
string| API_URL
function| $
function| jQuery
function| urlBase64ToUint8Array
function| pullUrlParams
function| push_subscribe
function| push_subscribe_promise
function| setIfNull
function| logPushEvent
function| push_unsubscribe
function| push_init
function| setSessionId
function| setUtm
function| getSessionId
function| getUrlVars
function| getDomainName
function| getStore
function| sendEmail
function| startSurveyU
function| validateData
function| nextQuestionU
number| refresh_page
string| popUrl
string| s3
undefined| time
function| popunder
function| mfq_tags
undefined| refresh

3 Cookies

Domain/Path Name / Value
qudricsflops.com/ Name: uid2543
Value: 1070094376-20231014115420-a41396610e4f66471611fcfe522958cd-0
unwaryslam.store/ Name: PHPSESSID
Value: 26d4727c56fc7ec4967eeb6d2fad665a
departingmind.world/ Name: PHPSESSID
Value: a119aa2919480bd74608eddee1936533

1 Console Messages

Source Level URL
Text
other error URL: https://departingmind.world/fc8ef6c6f765dceb829161fd41c87eb4
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
