www.misplacedwindpower.com Open in urlscan Pro
2400:cb00:2048:1::681b:b421 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.misplacedwindpower.com/
Submission: On August 15 via manual (August 15th 2018, 2:57:26 pm UTC) from AL

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 11 domains to perform 40 HTTP transactions. The main IP is 2400:cb00:2048:1::681b:b421, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.misplacedwindpower.com.

This is the only time www.misplacedwindpower.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2400:cb00:204... 2400:cb00:2048:1::681b:b421	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2400:cb00:204... 2400:cb00:2048:1::681b:b521	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.20.2.47 104.20.2.47	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	52.222.163.42 52.222.163.42	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	104.20.3.47 104.20.3.47	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
9	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
40	10

11 2400:cb00:2048:1::681b:b421 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.misplacedwindpower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:815::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2400:cb00:2048:1::681b:b521 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.misplacedwindpower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.2.47 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.163.42 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-163-42.fra54.r.cloudfront.net

xslt.alexa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.3.47 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	misplacedwindpower.com www.misplacedwindpower.com	142 KB
8	googlesyndication.com pagead2.googlesyndication.com	124 KB
6	doubleclick.net googleads.g.doubleclick.net
2	statcounter.com www.statcounter.com c.statcounter.com	11 KB
1	facebook.com staticxx.facebook.com
1	google.com adservice.google.com	490 B
1	google.de adservice.google.de	490 B
1	facebook.net connect.facebook.net	64 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	alexa.com xslt.alexa.com	599 B
1	googleapis.com fonts.googleapis.com	869 B
40	11

	Domain	Requested by
17	www.misplacedwindpower.com	www.misplacedwindpower.com
8	pagead2.googlesyndication.com	www.misplacedwindpower.com pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	staticxx.facebook.com	connect.facebook.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	c.statcounter.com	www.misplacedwindpower.com
1	connect.facebook.net	www.misplacedwindpower.com
1	fonts.gstatic.com	www.misplacedwindpower.com
1	xslt.alexa.com	www.misplacedwindpower.com
1	www.statcounter.com	www.misplacedwindpower.com
1	fonts.googleapis.com	www.misplacedwindpower.com
40	12

This site contains no links.

Subject Issuer	Validity	Valid
*.statcounter.com Go Daddy Secure Certificate Authority - G2	`2018-01-16` - `2019-01-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh

This page contains 13 frames:

Primary Page: http://www.misplacedwindpower.com/
Frame ID: E046B3D54E8DFA37758A8CBBE49204D9
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180808/r20180604/zrt_lookup.html
Frame ID: 5141F6E7F78651181D2DBB5BAF727B9A
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js
Frame ID: 42DF1F17AB14A634C023E339AF75D37B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8802368285815994&output=html&h=90&slotname=3242875473&adk=2903417382&adf=2310942107&w=728&fwrn=4&fwrnh=100&lmt=1534345032&rafmt=1&guci=1.2.0.0.2.2.0&format=728x90&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&fwr=0&rh=0&rw=728&resp_fmts=3&wgl=1&adsid=NT&dt=1534345032235&bpp=11&bdt=123&fdt=12&idt=110&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&correlator=7143545548625&frm=20&pv=2&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=44215024&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=68&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&fsb=1&xpc=iycGDO3vdf&p=http%3A//www.misplacedwindpower.com&dtd=131
Frame ID: 9F38C22A765106BEB81DE52056443824
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42
Frame ID: E5D91709A3B3900867A15C8969824DEB
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js
Frame ID: CCF4A4AFD55DEDDF6D3A19EC0CF77DB4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8802368285815994&output=html&h=250&slotname=4692167448&adk=2433197485&adf=4055494987&w=300&lmt=1534345032&guci=1.2.0.0.2.2.0&format=300x250&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&avail_w=615&wgl=1&adsid=NT&dt=1534345032248&bpp=7&bdt=136&fdt=139&idt=140&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7143545548625&frm=20&pv=1&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=178432752&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=1949&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&fsb=1&xpc=qRTurYYcgy&p=http%3A//www.misplacedwindpower.com&dtd=146
Frame ID: C5F9153D7F8D87146D408650A46B8A72
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js
Frame ID: 8ABA399306157584B13929A24C871C37
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8802368285815994&output=html&h=250&slotname=4692167448&adk=2433197485&adf=11874061&w=300&lmt=1534345032&guci=1.2.0.0.2.2.0&format=300x250&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&avail_w=615&wgl=1&adsid=NT&dt=1534345032255&bpp=4&bdt=143&fdt=169&idt=170&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=7143545548625&frm=20&pv=1&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=178432752&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=4082&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=3&fsb=1&xpc=uHb9WzMNCp&p=http%3A//www.misplacedwindpower.com&dtd=176
Frame ID: 71CC758A01037D52A92E72628982240F
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js
Frame ID: 19D06ACC7D2E912B493ADF17EBD1CAA1
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js
Frame ID: F8998CD8FFFC9E9E3ADE9EF01A307A7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8802368285815994&output=html&h=600&slotname=5622105735&adk=2428159553&adf=2113530352&w=160&lmt=1534345032&guci=1.2.0.0.2.2.0&format=160x600&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&wgl=1&adsid=NT&dt=1534345032264&bpp=5&bdt=152&fdt=191&idt=193&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&correlator=7143545548625&frm=20&pv=1&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=178432752&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=390&ady=188&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=5&fsb=1&xpc=pf4DaSOiQu&p=http%3A//www.misplacedwindpower.com&dtd=200
Frame ID: 4B47AA3594F0F8CCC8BF4F85A59D1F9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8802368285815994&output=html&h=250&slotname=4692167448&adk=2433197485&adf=1906627674&w=300&lmt=1534345032&guci=1.2.0.0.2.2.0&format=300x250&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&avail_w=615&wgl=1&adsid=NT&dt=1534345032260&bpp=4&bdt=147&fdt=182&idt=185&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250%2C160x600&correlator=7143545548625&frm=20&pv=1&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=178432752&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=5942&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=4&fsb=1&xpc=VIV4PhliVd&p=http%3A//www.misplacedwindpower.com&dtd=393
Frame ID: 349BAC92BD888494DE76057381523D9E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

HeadJS (JavaScript Libraries) Expand

Overall confidence: 50%
Detected patterns

env /^head$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

40
Requests

33 %
HTTPS

70 %
IPv6

11
Domains

12
Subdomains

10
IPs

2
Countries

352 kB
Transfer

1612 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.misplacedwindpower.com/ 91 KB
10 KB 575ms
569ms Document
text/html 2400:cb00:2048:1::681b:b421
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b421 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

567bc4afacf95fbd997dd004ba2203956c1e25f8ef95260bffe1a9269d10672a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.misplacedwindpower.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E046B3D54E8DFA37758A8CBBE49204D9

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031; expires=Thu, 15-Aug-19 14:57:11 GMT; path=/; domain=.misplacedwindpower.com; HttpOnly
Vary: Accept-Encoding
Link: <http://www.misplacedwindpower.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 44ac831f274227b0-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK so.css
www.misplacedwindpower.com/wp-content/themes/5u5u/ 9 KB
4 KB 12ms
9ms Stylesheet
text/css 2400:cb00:2048:1::681b:b421
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://www.misplacedwindpower.com/wp-content/themes/5u5u/so.css

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b421 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c742944e20c15d0903d3c8f652696921b6a394ca6b77ed855a10d1827249ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.misplacedwindpower.com/
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 28 Jan 2018 08:25:20 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5a6d88f0-2548"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: public, max-age=31536000
CF-RAY: 44ac8322b00a27b0-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 763 B
869 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:815::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Ruda

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

fe82434db9ca0edfde3819990cbf0523a560f1008c4fc6a0d46e8d0052d114c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Aug 2018 14:57:12 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Aug 2018 14:57:12 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 74 KB
28 KB 36ms
30ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

1376979ff3e08e7a73617b78c3e5f8b9eb73cbf1b113bb8ceb529ab3b9f8935f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 7342800383020177943
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 27625
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Aug 2018 14:57:12 GMT

GET
H/1.1 200
OK a.png
www.misplacedwindpower.com/wp-content/themes/5u5u/i/ 110 B
669 B 30ms
24ms Image
image/png 2400:cb00:2048:1::681b:b421
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.misplacedwindpower.com/wp-content/themes/5u5u/i/a.png

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b421 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.misplacedwindpower.com/
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Connection: keep-alive
Content-Length: 110
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 28 Jan 2018 08:25:20 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5a6d88f0-6e"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 44ac8322d34727aa-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
H/1.1 200
OK cg.png
www.misplacedwindpower.com/wp-content/themes/5u5u/i/ 18 KB
17 KB 39ms
33ms Image
image/png 2400:cb00:2048:1::681b:b421
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.misplacedwindpower.com/wp-content/themes/5u5u/i/cg.png

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b421 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd8a22a51850297471ddc53cf7965ff829ca27bbb31ec3cc22c33d6cbe069c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.misplacedwindpower.com/
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 28 Jan 2018 08:25:20 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5a6d88f0-490a"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: public, max-age=31536000
CF-RAY: 44ac8322d13c27a4-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
H/1.1 200
OK j.js Show response
www.misplacedwindpower.com/wp-content/themes/5u5u/ 90 KB
33 KB 25ms
24ms Script
application/javascript 2400:cb00:2048:1::681b:b421
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://www.misplacedwindpower.com/wp-content/themes/5u5u/j.js

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b421 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d85a448becac14b8df66ad9d5657e9624d10cfd3758af50d43c266a1f9465d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.misplacedwindpower.com/
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 28 Jan 2018 08:25:20 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5a6d88f0-16972"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: public, max-age=31536000
CF-RAY: 44ac8322d00f27b0-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
H/1.1 200
OK u.js Show response
www.misplacedwindpower.com/wp-content/themes/5u5u/ 711 B
983 B 12ms
12ms Script
application/javascript 2400:cb00:2048:1::681b:b521
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://www.misplacedwindpower.com/wp-content/themes/5u5u/u.js

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b521 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

66791e1df5cee9cd298fe5a22510f0c924bb9ebb55fce63664b983ec357bd9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.misplacedwindpower.com/
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 28 Jan 2018 08:25:20 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5a6d88f0-2c7"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: public, max-age=31536000
CF-RAY: 44ac8322d3af96a6-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
S 200 counter.js Show response
www.statcounter.com/counter/ 28 KB
11 KB 31ms
8ms Script
application/x-javascript 104.20.2.47
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.20.2.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03da92f035c699a414e7379fc4e431b20d29e4901ed6b1172eb30f2d7308c2ca

Request headers

Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 15 Aug 2018 14:57:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2017 13:36:00 GMT
server: cloudflare
etag: W/"59034540-7083"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=43200
x-px: ht h0-s4008.p11-fra.cdngp.net
cf-ray: 44ac8322f9a0befd-FRA
content-length: 10411
expires: Thu, 16 Aug 2018 02:57:12 GMT

GET
H/1.1 200
OK a Show response
xslt.alexa.com/site_stats/js/t/ 151 B
599 B 13ms
7ms Script
binary/octet-stream 52.222.163.42
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://xslt.alexa.com/site_stats/js/t/a?url=misplacedwindpower.com
Requested by: Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/
Protocol: HTTP/1.1
Server: 52.222.163.42 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-163-42.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd19302865a315df9a57552a585191f452efcbed7b0ab6b6569f4bebb764366e

Request headers

Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 21:38:35 GMT
Via: 1.1 1eb4c4d1a01293f27e472fcc60f7102d.cloudfront.net (CloudFront)
Last-Modified: Fri, 27 Oct 2017 21:35:55 GMT
Server: AmazonS3
Age: 17107
ETag: "394d6f2c6c2041a2fbcdaad0e525aa7b"
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151
X-Amz-Cf-Id: I0BJqFoEozF0VnP2zZ4Quu_-F1VrafCgnef7QvvDB6FfL2v9JrgCAA==

GET
H/1.1 200
OK bgp.png
www.misplacedwindpower.com/wp-content/themes/5u5u/i/ 3 KB
4 KB 19ms
14ms Image
image/png 2400:cb00:2048:1::681b:b521
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.misplacedwindpower.com/wp-content/themes/5u5u/i/bgp.png

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b521 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e3935d9a2056b686c5c3dcd32d119943821f5dcec39a40f5b77221172ac2de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.misplacedwindpower.com/wp-content/themes/5u5u/so.css
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/wp-content/themes/5u5u/so.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 28 Jan 2018 08:25:20 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5a6d88f0-c3a"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: public, max-age=31536000
CF-RAY: 44ac8322d62196e8-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
H/1.1 404
Not Found bl.gif
www.misplacedwindpower.com/wp-content/themes/5u5u/i/ 564 B
564 B 35ms
29ms Image
text/html 2400:cb00:2048:1::681b:b421
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.misplacedwindpower.com/wp-content/themes/5u5u/i/bl.gif

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b421 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.misplacedwindpower.com/wp-content/themes/5u5u/so.css
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/wp-content/themes/5u5u/so.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
Server: cloudflare
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-RAY: 44ac8322d5152324-FRA
Expires: Wed, 15 Aug 2018 18:57:12 GMT

GET
H/1.1 404
Not Found lg.png
www.misplacedwindpower.com/wp-content/themes/5u5u/i/ 564 B
564 B 37ms
33ms Image
text/html 2400:cb00:2048:1::681b:b521
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.misplacedwindpower.com/wp-content/themes/5u5u/i/lg.png

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b521 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.misplacedwindpower.com/wp-content/themes/5u5u/so.css
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/wp-content/themes/5u5u/so.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
Server: cloudflare
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-RAY: 44ac8322e3b996a6-FRA
Expires: Wed, 15 Aug 2018 18:57:12 GMT

GET
H/1.1 200
OK k3kfo8YQJOpFqngdaPTKI0E.woff2
fonts.gstatic.com/s/ruda/v9/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ruda/v9/k3kfo8YQJOpFqngdaPTKI0E.woff2

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fc3362b082b2d57b744f87386bb3769f598fa66505f6ee912bc3d67736df4c5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Ruda
Origin: http://www.misplacedwindpower.com

Response headers

Date: Sat, 14 Jul 2018 10:20:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Oct 2017 23:10:22 GMT
Server: sffe
Age: 2781408
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9212
X-XSS-Protection: 1; mode=block
Expires: Sun, 14 Jul 2019 10:20:24 GMT

GET
S

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

210 KB
64 KB

17ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

9da3b6259166db154403e27230ffa5117ab38a9f6bd899e00cdddfa29c43b8e3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 4PWMv82cT/rXcHm7T0lKGw==
status: 200
content-length: 64379
x-xss-protection: 0
x-fb-debug: FiTKE69ek9326o0SDlG7FiS+imVGiAZBRzrLHzJ6IB1FrZI4msMk6p/rp6oeKqKC2zT4jcjcmRU/iky0Ly7qZg==
x-fb-content-md5: 897d891aa116a421fc1bca223db2a31a
x-frame-options: DENY
date: Wed, 15 Aug 2018 14:57:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "39e02c3e4762ab880bf2d5d1ed84a783"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
expires: Wed, 15 Aug 2018 15:00:12 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK can-you-temporarily-dye-your-hair-blonde-unique-a-brief-guide-to-hair-dye-semi-permanent-vs-permanent-vs-bleach-of-can-you-temporarily-dye-your-hair-blonde-300x150.jpg
www.misplacedwindpower.com/wp-content/uploads/2018/01/ 10 KB
11 KB 22ms
21ms Image
image/jpeg 2400:cb00:2048:1::681b:b521
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.misplacedwindpower.com/wp-content/uploads/2018/01/can-you-temporarily-dye-your-hair-blonde-unique-a-brief-guide-to-hair-dye-semi-permanent-vs-permanent-vs-bleach-of-can-you-temporarily-dye-your-hair-blonde-300x150.jpg

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b521 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ddbc7077ecb69be0661defbae5265a12eda7fe58ce94f7ff8eb32001c40741e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.misplacedwindpower.com/
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 30 Jan 2018 18:59:12 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5a70c080-29db"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
CF-RAY: 44ac832353ef96a6-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
H/1.1 200
OK can-you-temporarily-dye-your-hair-blonde-beautiful-35-best-ombre-hair-color-ideas-s-of-ombre-hairstyles-of-can-you-temporarily-dye-your-hair-blonde-150x150.jpg
www.misplacedwindpower.com/wp-content/uploads/2018/01/ 7 KB
8 KB 33ms
32ms Image
image/jpeg 2400:cb00:2048:1::681b:b421
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.misplacedwindpower.com/wp-content/uploads/2018/01/can-you-temporarily-dye-your-hair-blonde-beautiful-35-best-ombre-hair-color-ideas-s-of-ombre-hairstyles-of-can-you-temporarily-dye-your-hair-blonde-150x150.jpg

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b421 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47bd7418ccc375cb5e0d6a47b52da09340edca75ce18e536082f0180ed5563a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.misplacedwindpower.com/
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 30 Jan 2018 18:58:55 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5a70c06f-1dd0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
CF-RAY: 44ac8323515427a4-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
H/1.1 200
OK can-you-temporarily-dye-your-hair-blonde-beautiful-spice-up-your-hair-with-temporary-spray-on-color-of-can-you-temporarily-dye-your-hair-blonde-150x150.jpg
www.misplacedwindpower.com/wp-content/uploads/2018/01/ 5 KB
6 KB 28ms
28ms Image
image/jpeg 2400:cb00:2048:1::681b:b421
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.misplacedwindpower.com/wp-content/uploads/2018/01/can-you-temporarily-dye-your-hair-blonde-beautiful-spice-up-your-hair-with-temporary-spray-on-color-of-can-you-temporarily-dye-your-hair-blonde-150x150.jpg

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b421 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a66d838d9065367f8e313cfefb0a1cb1f91b3ce507daf8c93fbdde6f84c1dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.misplacedwindpower.com/
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 30 Jan 2018 18:59:18 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5a70c086-15b0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
CF-RAY: 44ac8323552b2324-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
H/1.1 200
OK can-you-temporarily-dye-your-hair-blonde-new-amazon-professional-waxy-hair-chalk-pens-hair-chalk-salon-of-can-you-temporarily-dye-your-hair-blonde-150x150.jpg
www.misplacedwindpower.com/wp-content/uploads/2018/01/ 8 KB
8 KB 31ms
30ms Image
image/jpeg 2400:cb00:2048:1::681b:b421
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.misplacedwindpower.com/wp-content/uploads/2018/01/can-you-temporarily-dye-your-hair-blonde-new-amazon-professional-waxy-hair-chalk-pens-hair-chalk-salon-of-can-you-temporarily-dye-your-hair-blonde-150x150.jpg

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b421 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eac0a94524e6e10eee427f4bfa800f64b2ff465ea9ffe0080e81be5304424199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.misplacedwindpower.com/
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 30 Jan 2018 18:59:02 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5a70c076-1fda"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
CF-RAY: 44ac8323535b27aa-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
H/1.1 200
OK can-you-temporarily-dye-your-hair-blonde-fresh-the-16-most-beautiful-hair-color-ideas-for-redheads-of-can-you-temporarily-dye-your-hair-blonde-150x150.jpg
www.misplacedwindpower.com/wp-content/uploads/2018/01/ 6 KB
6 KB 22ms
22ms Image
image/jpeg 2400:cb00:2048:1::681b:b421
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.misplacedwindpower.com/wp-content/uploads/2018/01/can-you-temporarily-dye-your-hair-blonde-fresh-the-16-most-beautiful-hair-color-ideas-for-redheads-of-can-you-temporarily-dye-your-hair-blonde-150x150.jpg

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b421 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

60115ea3f71d24ab3b8833cfc33aff0a4f7af24fcd6ad49f9bf2c95727961736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.misplacedwindpower.com/
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 30 Jan 2018 18:59:04 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5a70c078-16cf"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
CF-RAY: 44ac8323503027b0-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
H/1.1 200
OK can-you-temporarily-dye-your-hair-blonde-unique-how-to-remove-purple-from-hair-kmanzo01-of-can-you-temporarily-dye-your-hair-blonde-150x150.jpg
www.misplacedwindpower.com/wp-content/uploads/2018/01/ 8 KB
8 KB 30ms
30ms Image
image/jpeg 2400:cb00:2048:1::681b:b521
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.misplacedwindpower.com/wp-content/uploads/2018/01/can-you-temporarily-dye-your-hair-blonde-unique-how-to-remove-purple-from-hair-kmanzo01-of-can-you-temporarily-dye-your-hair-blonde-150x150.jpg

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b521 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0385349adda0e4fba846f900982b95340ac14858d77177166e49b32591559ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.misplacedwindpower.com/
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 30 Jan 2018 18:58:40 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5a70c060-1fa4"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
CF-RAY: 44ac8323564f96e8-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
H/1.1 200
OK can-you-temporarily-dye-your-hair-blonde-beautiful-ditching-dye-how-to-go-gray-gracefully-chicago-tribune-of-can-you-temporarily-dye-your-hair-blonde-150x150.jpg
www.misplacedwindpower.com/wp-content/uploads/2018/01/ 7 KB
7 KB 24ms
24ms Image
image/jpeg 2400:cb00:2048:1::681b:b521
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.misplacedwindpower.com/wp-content/uploads/2018/01/can-you-temporarily-dye-your-hair-blonde-beautiful-ditching-dye-how-to-go-gray-gracefully-chicago-tribune-of-can-you-temporarily-dye-your-hair-blonde-150x150.jpg

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b521 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3534f41b4010c20998bf09f35a4f2dc09e029db93f4ce14fafb35719e9da35a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.misplacedwindpower.com/
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031; sc_is_visitor_unique=rx11705725.1534345032.2B98B7C406804F26C53822786475B048.1.1.1.1.1.1.1.1.1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 30 Jan 2018 18:58:48 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5a70c068-1aae"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
CF-RAY: 44ac8323740396a6-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
H/1.1 200
OK golden-blonde-hair-dye-on-bleached-hair-new-review-nice-n-easy-non-permanent-colour-medium-ash-blonde-73-up-of-golden-blonde-hair-dye-on-bleached-hair-216x300.jpg
www.misplacedwindpower.com/wp-content/uploads/2018/01/ 16 KB
16 KB 30ms
30ms Image
image/jpeg 2400:cb00:2048:1::681b:b421
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.misplacedwindpower.com/wp-content/uploads/2018/01/golden-blonde-hair-dye-on-bleached-hair-new-review-nice-n-easy-non-permanent-colour-medium-ash-blonde-73-up-of-golden-blonde-hair-dye-on-bleached-hair-216x300.jpg

Requested by

Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681b:b421 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7bea4c05a322bb97b3fa8a077b09824bbb5faabc9413632d9cdb6b6a3d9003f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.misplacedwindpower.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.misplacedwindpower.com/
Cookie: __cfduid=df48f66cf1c831c55dfb703d074f566841534345031; sc_is_visitor_unique=rx11705725.1534345032.2B98B7C406804F26C53822786475B048.1.1.1.1.1.1.1.1.1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 30 Jan 2018 19:00:58 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5a70c0ea-402f"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
CF-RAY: 44ac8323703b27b0-FRA
Expires: Thu, 15 Aug 2019 14:57:12 GMT

GET
H/1.1 200
OK t.php
c.statcounter.com/ 49 B
602 B 317ms
310ms Image
image/gif 104.20.3.47
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.statcounter.com/t.php?sc_project=11705725&java=1&security=c2d1491b&u1=2B98B7C406804F26C53822786475B048&sc_random=0.43724200930859225&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//www.misplacedwindpower.com/&t=misplacedwindpower.com%20-%20Lovely%20Clairol%20Honey%20Blonde%20Hair%20Dye.%20Fresh%20Best%20Diy%20Hair%20Color%20for%20Blondes.%20Beautiful%20Best%20Strawberry%20Blonde%20Hair%20Color%20at%20Home.%20clairol%20honey%20blonde%20textures%20tones%20hair%20dye.%20clairol%20honey%20blonde%20hair%20dye.&sc_snum=1&sess=7a9eb4&p=0&invisible=1
Requested by: Host: www.misplacedwindpower.com
URL: http://www.misplacedwindpower.com/
Protocol: HTTP/1.1
Server: 104.20.3.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Server: cloudflare
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Content-Type: image/gif
Connection: keep-alive
CF-RAY: 44ac832375229792-FRA
Content-Length: 49
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
490 B 47ms
26ms Script
application/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.misplacedwindpower.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Aug 2018 14:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
490 B 47ms
26ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.misplacedwindpower.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Aug 2018 14:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 ca-pub-8802368285815994.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
247 B 7ms
6ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8802368285815994.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 15 Aug 2018 10:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Aug 2018 05:52:12 GMT
server: sffe
age: 17806
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Wed, 15 Aug 2018 22:00:26 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180808/r20180604/ Frame 5141 0
0 10ms
5ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20180808/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20180808/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.misplacedwindpower.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E046B3D54E8DFA37758A8CBBE49204D9
Referer: http://www.misplacedwindpower.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 09 Aug 2018 06:28:08 GMT
expires: Thu, 23 Aug 2018 06:28:08 GMT
content-type: text/html; charset=UTF-8
etag: 15840095812326030575
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6941
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 548944
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/ Frame 42DF 188 KB
70 KB 42ms
37ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4bcc1453daa90791a739a930acc73fe8469cfb9fa7f66dcca3e474e96f490350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 5694813182847264045
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 71310
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Aug 2018 14:57:12 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9F38 0
0 243ms
242ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8802368285815994&output=html&h=90&slotname=3242875473&adk=2903417382&adf=2310942107&w=728&fwrn=4&fwrnh=100&lmt=1534345032&rafmt=1&guci=1.2.0.0.2.2.0&format=728x90&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&fwr=0&rh=0&rw=728&resp_fmts=3&wgl=1&adsid=NT&dt=1534345032235&bpp=11&bdt=123&fdt=12&idt=110&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&correlator=7143545548625&frm=20&pv=2&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=44215024&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=68&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&fsb=1&xpc=iycGDO3vdf&p=http%3A//www.misplacedwindpower.com&dtd=131

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8802368285815994&output=html&h=90&slotname=3242875473&adk=2903417382&adf=2310942107&w=728&fwrn=4&fwrnh=100&lmt=1534345032&rafmt=1&guci=1.2.0.0.2.2.0&format=728x90&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&fwr=0&rh=0&rw=728&resp_fmts=3&wgl=1&adsid=NT&dt=1534345032235&bpp=11&bdt=123&fdt=12&idt=110&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&correlator=7143545548625&frm=20&pv=2&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=44215024&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=68&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&fsb=1&xpc=iycGDO3vdf&p=http%3A//www.misplacedwindpower.com&dtd=131
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.misplacedwindpower.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E046B3D54E8DFA37758A8CBBE49204D9
Referer: http://www.misplacedwindpower.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 15 Aug 2018 14:57:12 GMT
server: cafe
cache-control: private
content-length: 383
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Aug-2018 15:12:12 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Wed, 15 Aug 2018 14:57:12 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/ 70 KB
26 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

f58398c8f74de364c484b7f01db10b3c3e608699d5d209c02db32e7f066e07a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.misplacedwindpower.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 09 Aug 2018 06:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26275
x-xss-protection: 1; mode=block
server: cafe
etag: 15787436124949168696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Aug 2018 06:06:14 GMT

GET
H2 200 QX17B8fU-Vm.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame E5D9 0
0 8ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.misplacedwindpower.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E046B3D54E8DFA37758A8CBBE49204D9
Referer: http://www.misplacedwindpower.com/

Response headers

status: 200
expires: Wed, 14 Aug 2019 19:43:27 GMT
cache-control: public,max-age=31536000,immutable
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: KS1mPR6yPE4tXvIcmLrOH1scDZi1xZWEbAXE4Md8OkJBGdbX8dmaKkECchyNYwexTlbt65BNK+FDtRRoWBAc/g==
content-length: 13906
date: Wed, 15 Aug 2018 14:57:12 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/ Frame CCF4 188 KB
0 42ms
37ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4bcc1453daa90791a739a930acc73fe8469cfb9fa7f66dcca3e474e96f490350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 5694813182847264045
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 71310
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Aug 2018 14:57:12 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame C5F9 0
0 215ms
214ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8802368285815994&output=html&h=250&slotname=4692167448&adk=2433197485&adf=4055494987&w=300&lmt=1534345032&guci=1.2.0.0.2.2.0&format=300x250&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&avail_w=615&wgl=1&adsid=NT&dt=1534345032248&bpp=7&bdt=136&fdt=139&idt=140&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7143545548625&frm=20&pv=1&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=178432752&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=1949&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&fsb=1&xpc=qRTurYYcgy&p=http%3A//www.misplacedwindpower.com&dtd=146

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8802368285815994&output=html&h=250&slotname=4692167448&adk=2433197485&adf=4055494987&w=300&lmt=1534345032&guci=1.2.0.0.2.2.0&format=300x250&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&avail_w=615&wgl=1&adsid=NT&dt=1534345032248&bpp=7&bdt=136&fdt=139&idt=140&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7143545548625&frm=20&pv=1&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=178432752&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=1949&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&fsb=1&xpc=qRTurYYcgy&p=http%3A//www.misplacedwindpower.com&dtd=146
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.misplacedwindpower.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E046B3D54E8DFA37758A8CBBE49204D9
Referer: http://www.misplacedwindpower.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 15 Aug 2018 14:57:12 GMT
server: cafe
cache-control: private
content-length: 385
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Aug-2018 15:12:12 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Wed, 15 Aug 2018 14:57:12 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/ Frame 8ABA 188 KB
0 42ms
37ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4bcc1453daa90791a739a930acc73fe8469cfb9fa7f66dcca3e474e96f490350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 5694813182847264045
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 71310
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Aug 2018 14:57:12 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 71CC 0
0 222ms
221ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8802368285815994&output=html&h=250&slotname=4692167448&adk=2433197485&adf=11874061&w=300&lmt=1534345032&guci=1.2.0.0.2.2.0&format=300x250&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&avail_w=615&wgl=1&adsid=NT&dt=1534345032255&bpp=4&bdt=143&fdt=169&idt=170&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=7143545548625&frm=20&pv=1&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=178432752&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=4082&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=3&fsb=1&xpc=uHb9WzMNCp&p=http%3A//www.misplacedwindpower.com&dtd=176

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8802368285815994&output=html&h=250&slotname=4692167448&adk=2433197485&adf=11874061&w=300&lmt=1534345032&guci=1.2.0.0.2.2.0&format=300x250&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&avail_w=615&wgl=1&adsid=NT&dt=1534345032255&bpp=4&bdt=143&fdt=169&idt=170&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=7143545548625&frm=20&pv=1&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=178432752&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=4082&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=3&fsb=1&xpc=uHb9WzMNCp&p=http%3A//www.misplacedwindpower.com&dtd=176
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.misplacedwindpower.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E046B3D54E8DFA37758A8CBBE49204D9
Referer: http://www.misplacedwindpower.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 15 Aug 2018 14:57:12 GMT
server: cafe
cache-control: private
content-length: 48371
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Aug-2018 15:12:12 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Wed, 15 Aug 2018 14:57:12 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/ Frame 19D0 188 KB
0 42ms
37ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4bcc1453daa90791a739a930acc73fe8469cfb9fa7f66dcca3e474e96f490350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 5694813182847264045
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 71310
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Aug 2018 14:57:12 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/ Frame F899 188 KB
0 42ms
37ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4bcc1453daa90791a739a930acc73fe8469cfb9fa7f66dcca3e474e96f490350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Wed, 15 Aug 2018 14:57:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 5694813182847264045
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 71310
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Aug 2018 14:57:12 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4B47 0
0 170ms
170ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8802368285815994&output=html&h=600&slotname=5622105735&adk=2428159553&adf=2113530352&w=160&lmt=1534345032&guci=1.2.0.0.2.2.0&format=160x600&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&wgl=1&adsid=NT&dt=1534345032264&bpp=5&bdt=152&fdt=191&idt=193&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&correlator=7143545548625&frm=20&pv=1&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=178432752&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=390&ady=188&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=5&fsb=1&xpc=pf4DaSOiQu&p=http%3A//www.misplacedwindpower.com&dtd=200

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8802368285815994&output=html&h=600&slotname=5622105735&adk=2428159553&adf=2113530352&w=160&lmt=1534345032&guci=1.2.0.0.2.2.0&format=160x600&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&wgl=1&adsid=NT&dt=1534345032264&bpp=5&bdt=152&fdt=191&idt=193&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&correlator=7143545548625&frm=20&pv=1&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=178432752&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=390&ady=188&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=5&fsb=1&xpc=pf4DaSOiQu&p=http%3A//www.misplacedwindpower.com&dtd=200
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.misplacedwindpower.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E046B3D54E8DFA37758A8CBBE49204D9
Referer: http://www.misplacedwindpower.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 15 Aug 2018 14:57:12 GMT
server: cafe
cache-control: private
content-length: 15524
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Aug-2018 15:12:12 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Wed, 15 Aug 2018 14:57:12 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 349B 0
0 231ms
230ms Document
text/html 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8802368285815994&output=html&h=250&slotname=4692167448&adk=2433197485&adf=1906627674&w=300&lmt=1534345032&guci=1.2.0.0.2.2.0&format=300x250&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&avail_w=615&wgl=1&adsid=NT&dt=1534345032260&bpp=4&bdt=147&fdt=182&idt=185&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250%2C160x600&correlator=7143545548625&frm=20&pv=1&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=178432752&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=5942&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=4&fsb=1&xpc=VIV4PhliVd&p=http%3A//www.misplacedwindpower.com&dtd=393

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180808/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8802368285815994&output=html&h=250&slotname=4692167448&adk=2433197485&adf=1906627674&w=300&lmt=1534345032&guci=1.2.0.0.2.2.0&format=300x250&url=http%3A%2F%2Fwww.misplacedwindpower.com%2F&flash=0&avail_w=615&wgl=1&adsid=NT&dt=1534345032260&bpp=4&bdt=147&fdt=182&idt=185&shv=r20180808&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250%2C160x600&correlator=7143545548625&frm=20&pv=1&ga_vid=1238926067.1534345032&ga_sid=1534345032&ga_hid=911519164&ga_fc=0&iag=0&icsg=178432752&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=5942&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21062171%2C368226401%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=4&fsb=1&xpc=VIV4PhliVd&p=http%3A//www.misplacedwindpower.com&dtd=393
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.misplacedwindpower.com/
accept-encoding: gzip, deflate
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E046B3D54E8DFA37758A8CBBE49204D9
Referer: http://www.misplacedwindpower.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 15 Aug 2018 14:57:12 GMT
server: cafe
cache-control: private
content-length: 386
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUm6lQF-Uy4X5kgoqtyNJY2mTAqphsA27GBAwgemnfdmu0ELDq3aT6aHfEpv; expires=Mon, 09-Sep-2019 14:57:12 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Wed, 15 Aug 2018 14:57:12 GMT

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 03:34:01	Name: IDE Value: AHWqTUm6lQF-Uy4X5kgoqtyNJY2mTAqphsA27GBAwgemnfdmu0ELDq3aT6aHfEpv

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.statcounter.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
staticxx.facebook.com
www.misplacedwindpower.com
www.statcounter.com
xslt.alexa.com
104.20.2.47
104.20.3.47
2400:cb00:2048:1::681b:b421
2400:cb00:2048:1::681b:b521
2a00:1450:4001:815::2002
2a00:1450:4001:815::200a
2a00:1450:4001:816::2002
2a00:1450:4001:825::2003
2a03:2880:f02d:12:face:b00c:0:3
52.222.163.42
0385349adda0e4fba846f900982b95340ac14858d77177166e49b32591559ad7
03da92f035c699a414e7379fc4e431b20d29e4901ed6b1172eb30f2d7308c2ca
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
1376979ff3e08e7a73617b78c3e5f8b9eb73cbf1b113bb8ceb529ab3b9f8935f
2c742944e20c15d0903d3c8f652696921b6a394ca6b77ed855a10d1827249ddd
2e3935d9a2056b686c5c3dcd32d119943821f5dcec39a40f5b77221172ac2de3
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
4bcc1453daa90791a739a930acc73fe8469cfb9fa7f66dcca3e474e96f490350
567bc4afacf95fbd997dd004ba2203956c1e25f8ef95260bffe1a9269d10672a
5ddbc7077ecb69be0661defbae5265a12eda7fe58ce94f7ff8eb32001c40741e
60115ea3f71d24ab3b8833cfc33aff0a4f7af24fcd6ad49f9bf2c95727961736
66791e1df5cee9cd298fe5a22510f0c924bb9ebb55fce63664b983ec357bd9e1
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c
7a66d838d9065367f8e313cfefb0a1cb1f91b3ce507daf8c93fbdde6f84c1dd9
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8d85a448becac14b8df66ad9d5657e9624d10cfd3758af50d43c266a1f9465d1
9da3b6259166db154403e27230ffa5117ab38a9f6bd899e00cdddfa29c43b8e3
cd19302865a315df9a57552a585191f452efcbed7b0ab6b6569f4bebb764366e
dd8a22a51850297471ddc53cf7965ff829ca27bbb31ec3cc22c33d6cbe069c7c
e7bea4c05a322bb97b3fa8a077b09824bbb5faabc9413632d9cdb6b6a3d9003f
eac0a94524e6e10eee427f4bfa800f64b2ff465ea9ffe0080e81be5304424199
f3534f41b4010c20998bf09f35a4f2dc09e029db93f4ce14fafb35719e9da35a
f47bd7418ccc375cb5e0d6a47b52da09340edca75ce18e536082f0180ed5563a
f58398c8f74de364c484b7f01db10b3c3e608699d5d209c02db32e7f066e07a1
fc3362b082b2d57b744f87386bb3769f598fa66505f6ee912bc3d67736df4c5b
fe82434db9ca0edfde3819990cbf0523a560f1008c4fc6a0d46e8d0052d114c4

www.misplacedwindpower.com Open in urlscan Pro 2400:cb00:2048:1::681b:b421 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

40 Requests

33 %HTTPS

70 %IPv6

11 Domains

12 Subdomains

10 IPs

2 Countries

352 kBTransfer

1612 kBSize

1 Cookies

0 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.misplacedwindpower.com Open in urlscan Pro
2400:cb00:2048:1::681b:b421 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

33 %
HTTPS

70 %
IPv6

11
Domains

12
Subdomains

10
IPs

2
Countries

352 kB
Transfer

1612 kB
Size

1
Cookies

40 HTTP transactions
0 data transactions