www.restoremindset.net Open in urlscan Pro
74.115.32.74  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.restoremindset.net/	54 KB 54 KB	377ms 112ms	Document text/html	74.115.32.74 AXXA-RACKCO
General Check archive.org Show headers Download Go to Full URL https://www.restoremindset.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 74.115.32.74 , United States, ASN36529 (AXXA-RACKCO, US), Reverse DNS wesleyv01.rackco.com Software Apache / Resource Hash 707e00adce05d1cc5d885b7e89ab4ed74be93b63b15c740ca6452a6d81b11f4f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Thu, 13 Jan 2022 06:09:37 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	lander.css www.7mindhacks.com/assets/	425 KB 71 KB	190ms 50ms	Stylesheet text/css	2606:4700::6810:10c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.7mindhacks.com/assets/lander.css Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 06:09:37 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 1123 last-modified Tue, 11 Jan 2022 21:44:24 GMT server cloudflare etag W/"61ddfa38-6a514" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type text/css access-control-allow-origin * cache-control public, max-age=1200 access-control-allow-credentials true cf-ray 6ccc74f0795523c7-ZRH access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization expires Thu, 13 Jan 2022 06:29:37 GMT
GET H2	200	all.css use.fontawesome.com/releases/v5.9.0/css/	55 KB 12 KB	63ms 26ms	Stylesheet text/css	2606:4700:3031::ac43:d645 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.9.0/css/all.css Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 06:09:37 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6821199 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id F0PHW7H6699FG8TW x-amz-id-2 vC8KBN503iyWKZzHxfJc5rs99Ocw4DSTaifdaL1SsWTbuhhIHZc4Cm+BPlh6dJ7ueugjQrc5cWE= last-modified Wed, 30 Jun 2021 15:48:06 GMT server cloudflare etag W/"dbf9d822cefe851ba6f66e1ad57e8987" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KC%2FRG1D1LWv5BPds4AA5thP24m3ptpZdyCMdYKfuPGa9oCheAxLbOgK3NMEdBMmiRXi%2BkWJjr83xNaaW4EvWwuFQSsRb%2B3t1w7azo3G18oClAoSX%2F1viHrs1XjyuBqcgoJAVDfKNkkm9%2BQgHm6VRJVSe"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 6ccc74efdf1a71ce-LHR
GET H2	200	v4-shims.css use.fontawesome.com/releases/v5.9.0/css/	26 KB 5 KB	59ms 22ms	Stylesheet text/css	2606:4700:3031::ac43:d645 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 06:09:37 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6821199 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id F0PPGVAN5CXAHSGM x-amz-id-2 HpuDfuJOnoRBIn1oGWh6kpnFISyPAhBcUuSh2sgaSOixf+diILYpFUsoF1uDkiR93wgKGECAn7k= last-modified Wed, 30 Jun 2021 15:48:06 GMT server cloudflare etag W/"e140a7d32f343530f016095df3cc2ae4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuzSKZOwHEDvDs9pj32oVsbwKoYiQaxTkwtvG1ky7xpjhnXIJvUe3gCaND5OGaWUjL8jP1y7XHM0yCeDXWnl0Nw3XgDCjwQ5iJyGo2QMnjKHSTZUwwzmdspT0T3N4i4%2F3C6jW2flCqwWiP4vZ27LNVNf"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 6ccc74efdf1c71ce-LHR
GET H2	200	css fonts.googleapis.com/	43 KB 3 KB	191ms 50ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1722e6e2d5278e9ef118a694096bf2040f9e0bd45a6e059dea1ac991c526c580 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 13 Jan 2022 06:09:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 13 Jan 2022 06:09:37 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 13 Jan 2022 06:09:37 GMT
GET H2	200	closemodal.png assets.clickfunnels.com/images/	672 B 1 KB	138ms 87ms	Image image/webp	2606:4700::6810:10c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.clickfunnels.com/images/closemodal.png Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 06:09:37 GMT vary Accept, Accept-Encoding cf-cache-status HIT age 46359 cf-polished origFmt=png, origSize=788 content-disposition inline; filename="closemodal.webp" content-length 672 last-modified Tue, 11 Jan 2022 21:44:23 GMT server cloudflare etag "61ddfa37-314" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type image/webp access-control-allow-origin * expires Sun, 13 Feb 2022 06:09:37 GMT cache-control public, max-age=2678400 access-control-allow-credentials true accept-ranges bytes cf-ray 6ccc74f14a50cc42-ZRH access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization cf-bgj imgq:100,h2pri
GET H/1.1	200 OK	millionaire-meditation-CD-and-CASE.png www.restoremindset.net/img/	4 MB 4 MB	112ms 112ms	Image image/png	74.115.32.74 AXXA-RACKCO
General Check archive.org Show headers Download Go to Show image Full URL https://www.restoremindset.net/img/millionaire-meditation-CD-and-CASE.png Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 74.115.32.74 , United States, ASN36529 (AXXA-RACKCO, US), Reverse DNS wesleyv01.rackco.com Software Apache / Resource Hash 3698501b9b05aaeb314d447ee0e7d457609a69a313288ca47d6bc00263d8ba39 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 13 Jan 2022 06:09:37 GMT Last-Modified Mon, 21 Oct 2019 23:40:16 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4280460
GET H2	200	IMG_6661.jpg www.7mindhacks.com/hosted/images/48/2ee725cef144e58e8e635ad322b44c/	17 KB 18 KB	37ms 37ms	Image image/jpeg	2606:4700::6810:10c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.7mindhacks.com/hosted/images/48/2ee725cef144e58e8e635ad322b44c/IMG_6661.jpg Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c3b5924202014a4f9d3d22efcdc492cb79cd2bf6dacc0d83a4bb50b9ef25125 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 06:09:37 GMT cf-cache-status HIT age 2197 cf-polished origSize=17745 content-length 17676 last-modified Sun, 20 Oct 2019 18:08:31 GMT server cloudflare etag "2ba63e24b420665bd21ef479f61d47b8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding content-type image/jpeg cache-control max-age=31536000 x-amz-cf-pop MXP63-P3 accept-ranges bytes cf-ray 6ccc74f0fa0023c7-ZRH cf-bgj imgq:85,h2pri
GET H2	200	css fonts.googleapis.com/	6 KB 860 B	46ms 46ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%7COswald%7CRoboto%7CCaveat%7CRoboto%7COswald%7CRoboto%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CRoboto%7CMontserrat%7C Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5957e4dd42df3eaabc4ea2babc5043d64006950b40d9c5e79d587c8ff95e1a18 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 13 Jan 2022 06:09:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 13 Jan 2022 06:09:37 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 13 Jan 2022 06:09:37 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.12.4/	95 KB 34 KB	124ms 40ms	Script text/javascript	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 06 Jan 2022 15:29:12 GMT content-encoding gzip x-content-type-options nosniff age 571225 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33951 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 06 Jan 2023 15:29:12 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	24ms 7ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 25965 x-xss-protection 0 pragma public x-fb-debug vspL2VmfrrVX7WCnnbIOd06gQrxunWZecZ0Kk9hXTf7az1jNX2ePy5xvlzHcXi/WgGjuYGACNKkMl875cJUDiQ== x-fb-trip-id 2050670934 x-frame-options DENY date Thu, 13 Jan 2022 06:09:37 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	Unknown.jpg www.7mindhacks.com/hosted/images/94/5408ac5aa14931b552206d83bc6a36/	141 KB 141 KB	46ms 46ms	Image image/jpeg	2606:4700::6810:10c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.7mindhacks.com/hosted/images/94/5408ac5aa14931b552206d83bc6a36/Unknown.jpg Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32690519d612e59edc305516b2046416e30d841e58a7154dce9e1428cb67a467 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 06:09:37 GMT cf-cache-status HIT age 2195 cf-polished degrade=85, origSize=157632 content-length 143940 last-modified Mon, 02 Sep 2019 21:31:54 GMT server cloudflare etag "3615710fd79e6f629b513e2fd534c4dd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding content-type image/jpeg cache-control max-age=31536000 x-amz-cf-pop MXP63-P3 accept-ranges bytes cf-ray 6ccc74f10a1623c7-ZRH cf-bgj imgq:85,h2pri
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	130ms 40ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.restoremindset.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 01:54:06 GMT x-content-type-options nosniff age 101731 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 12 Jan 2023 01:54:06 GMT
GET H2	200	TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 fonts.gstatic.com/s/oswald/v40/	24 KB 24 KB	173ms 83ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.restoremindset.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 11:24:21 GMT x-content-type-options nosniff age 67516 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24080 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:16:47 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 12 Jan 2023 11:24:21 GMT
GET H3	200	fa-solid-900.woff2 use.fontawesome.com/releases/v5.9.0/webfonts/	74 KB 75 KB	231ms 210ms	Font font/woff2	2606:4700:3031::ac43:d645 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0 Request headers Referer https://use.fontawesome.com/releases/v5.9.0/css/all.css Origin https://www.restoremindset.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 06:09:37 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id E2DV66ZDRFEVQHJ7 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 75440 x-amz-id-2 VQmCj5OxOAQrQIRxJBZ4ACeTgXjsjAfEWiC+HCt6suRRxUNpPRtb0UdHmj+yGP5BWZ+jsZveVaQ= last-modified Wed, 30 Jun 2021 15:48:27 GMT server cloudflare etag "b5cf8ae26748570d8fb95a47f46b69e1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCkUItWnOmklqpNrZvGjTzUGMm60ZaU%2B8zxFmR%2B4FgAYOimMYXM%2FqwpuVrTLKBIa%2BFs9QcZJWBB5M7613LNdOTGZuiPNoV3DvsPfxeicQF2fiH%2Fld8aBE6%2Fy%2F2D4PKYX7LtxVqKfJo5fd%2BOXyETR1R73"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 6ccc74f12e51774d-LHR
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	140ms 50ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.restoremindset.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 20:07:55 GMT x-content-type-options nosniff age 122502 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 11 Jan 2023 20:07:55 GMT
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	16ms 7ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aaee47e1033b504d53ce22f60f8a6863f9c13fe9e6de2966a72bce8761ba426e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 hei8K4I5tu4AAtIfyJQ2YA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 1687 x-fb-rlafr 0 x-fb-debug 4JQrQUXBR2gIvR1GpSazX6dfGeRPyMIwbh6FcVqujtORzw3tDzvfIpxWy5yC/wGMhtHAswxqZhSd2UTN/E+4RQ== x-fb-content-md5 6ca7a5d02863d2eefb556a6a669ec747 x-frame-options DENY date Thu, 13 Jan 2022 06:09:37 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 etag "8b1d2b7656adf9d30409076a8159437b" timing-allow-origin * priority u=3,i expires Thu, 13 Jan 2022 06:18:21 GMT
GET H2	200	WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9eIWpYQ.woff2 fonts.gstatic.com/s/caveat/v10/	47 KB 47 KB	137ms 102ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/caveat/v10/WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9eIWpYQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%7COswald%7CRoboto%7CCaveat%7CRoboto%7COswald%7CRoboto%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CRoboto%7CMontserrat%7C Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56bbe59d59b8a7c33323137a3386e06c4c987ee497598c3ce16ff30b5bf0b062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.restoremindset.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 21:52:14 GMT x-content-type-options nosniff age 116243 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47664 x-xss-protection 0 last-modified Thu, 28 Jan 2021 20:38:46 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 11 Jan 2023 21:52:14 GMT
GET H3	200	2515692502005418 Show response connect.facebook.net/signals/config/	305 KB 87 KB	73ms 73ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2515692502005418?v=2.9.48&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f0f36a89d2e4a9f7a50e7e70c269a04b945de57f59957135e47892f3ab60d7bc Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug 6XZ37HU0kMXAVVux4XoEMc88exTrfP++kpilCeEKTiNnA+8Tu0j18RiIqeJyoo8jYJ+bKOgjxpkazhGBLpnnNA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 13 Jan 2022 06:09:37 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	285 KB 80 KB	16ms 7ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=ba3f74f97b6dcb55d2887a7cf0625d72 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 909898ed286dbef4c2a88f992001480f5c8b66fe4f021a17cd427f90cb1c7983 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.restoremindset.net/ Origin https://www.restoremindset.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 l1qqmSQMRw/yTylT8Ulqmg== document-policy force-load-at-top cross-origin-resource-policy cross-origin expires Fri, 13 Jan 2023 05:37:29 GMT alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 82070 x-fb-rlafr 0 x-fb-debug UMjP4TE3sAVbl3eaPl6tBAUc3Sj2LrZWc6kIHrzkRyNtUqB5lVxnO4cNlaUlVm3LXALAhOT3r9nPVpNhFegwJg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 21172300f8f8a47e6320be7f168c4635 cross-origin-opener-policy same-origin-allow-popups date Thu, 13 Jan 2022 06:09:37 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "960e6313ee120aa02641724baa252bca" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	status www.facebook.com/x/oauth/	0 0	74ms 31ms	Fetch text/plain	2a03:2880:f158:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/x/oauth/status?client_id=246441615530259&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.restoremindset.net%2F&sdk=joey&wants_cookie_data=false Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js?hash=ba3f74f97b6dcb55d2887a7cf0625d72 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f158:181:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15552000; preload x-content-type-options nosniff document-policy force-load-at-top content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 content-length 0 x-fb-rlafr 0 pragma no-cache x-fb-debug 4YCkkN/xpKL3slRpQEqK2Oq2Noqtt85/pHlju+TgaCLV6KMHgc4bNfsYvTfmOxkkWlIHWj281zuazeuTlheZVw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" fb-s unknown date Thu, 13 Jan 2022 06:09:37 GMT report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.restoremindset.net access-control-expose-headers fb-s cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 295 B	46ms 16ms	Image image/gif	2a03:2880:f158:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2515692502005418&ev=PageView&dl=https%3A%2F%2Fwww.restoremindset.net%2F&rl=&if=false&ts=1642054177732&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642054177731.1739271306&it=1642054177501&coo=false&rqm=GET Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f158:181:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 06:09:37 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 content-length 44 expires Thu, 13 Jan 2022 06:09:37 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	36ms 17ms	Image image/gif	2a03:2880:f158:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2515692502005418&ev=Microdata&dl=https%3A%2F%2Fwww.restoremindset.net%2F&rl=&if=false&ts=1642054178235&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Download%20Free%20Meditation%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atitle%22%3A%22Download%20Free%20Meditation%22%2C%22og%3Adescription%22%3A%22Where%20should%20I%20send%20your%20free%20meditation%22%2C%22og%3Aurl%22%3A%22https%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1642054177731.1739271306&it=1642054177501&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: www.restoremindset.net URL: https://www.restoremindset.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f158:181:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.restoremindset.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 06:09:38 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Thu, 13 Jan 2022 06:09:38 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange function| fbq function| _fbq function| CFFacebookMessengerCheckbox string| CFAppDomain object| cfFacebookInitOptions function| fbAsyncInit object| FB function| $ function| jQuery function| myTimer number| myVar

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.7mindhacks.com/	1970-01-20 00:07:35	Name: __cf_bm Value: zkZh7SNiJHtTZCxy25O6pMqHYl37_4O2EaARztoEhG8-1642054177-0-AZK5SSuQ0WDo7QbiqBJufjn2O94DB9wSUFHy3whKvNPwhshq3gEN2q4b0iStKTUWq07PoNUtLZ9c+G0xLZbCHA4Jm1v4wxza+ZVlUpDh0tih
			.clickfunnels.com/	1970-01-20 00:07:35	Name: __cf_bm Value: xhVE8U18pBGokRBOGKfaEMw0OSZFKdrgXhY5NiKM2RM-1642054177-0-AbylXeicB7cGW5V6NLM9DGyby2U4IvIL5RjnuMxq0qlF7F5vcB5VKThUn/uN5SB/6mBTAH0FP3+c3zfgHj1cN3Tg01lyPWddrSYhBljVhlW+
			.restoremindset.net/	1970-01-20 02:17:10	Name: _fbp Value: fb.1.1642054177731.1739271306

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.clickfunnels.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
use.fontawesome.com
www.7mindhacks.com
www.facebook.com
www.restoremindset.net
2606:4700:3031::ac43:d645
2606:4700::6810:10c2
2a00:1450:4001:809::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:82f::200a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f158:181:face:b00c:0:25de
74.115.32.74
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1722e6e2d5278e9ef118a694096bf2040f9e0bd45a6e059dea1ac991c526c580
32690519d612e59edc305516b2046416e30d841e58a7154dce9e1428cb67a467
3698501b9b05aaeb314d447ee0e7d457609a69a313288ca47d6bc00263d8ba39
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
56bbe59d59b8a7c33323137a3386e06c4c987ee497598c3ce16ff30b5bf0b062
5957e4dd42df3eaabc4ea2babc5043d64006950b40d9c5e79d587c8ff95e1a18
5c3b5924202014a4f9d3d22efcdc492cb79cd2bf6dacc0d83a4bb50b9ef25125
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
707e00adce05d1cc5d885b7e89ab4ed74be93b63b15c740ca6452a6d81b11f4f
909898ed286dbef4c2a88f992001480f5c8b66fe4f021a17cd427f90cb1c7983
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
aaee47e1033b504d53ce22f60f8a6863f9c13fe9e6de2966a72bce8761ba426e
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
f0f36a89d2e4a9f7a50e7e70c269a04b945de57f59957135e47892f3ab60d7bc