urlscan.io logo urlscan.io
SecurityTrails logo

blowinthewind.com Open in urlscan Pro
2606:4700:3035::6815:29a  Public Scan

Go To Rescan Add Verdict Report
URL: https://blowinthewind.com/
Submission: On September 30 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 1 countries across 5 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3035::6815:29a, located in United States and belongs to CLOUDFLARENET, US. The main domain is blowinthewind.com.
TLS certificate: Issued by WE1 on September 30th 2024. Valid for: 3 months.
This is the only time blowinthewind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    2606:4700:3035::6815:29a (United States)

ASN13335 (CLOUDFLARENET, US)
blowinthewind.com
www.blowinthewind.com
3    2607:f8b0:400d:c07::71 (Morganton, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2607:f8b0:4004:c08::9a (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c0b::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:400d:c0d::9d (Morganton, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    2607:f8b0:400d:c1d::9a (Morganton, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:400d:c0b::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:400d:c01::68 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
17 blowinthewind.com
blowinthewind.com
www.blowinthewind.com
448 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 170
239 KB
5 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 697
analytics.google.com — Cisco Umbrella Rank: 158
www.google.com — Cisco Umbrella Rank: 3
17 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 152
td.doubleclick.net — Cisco Umbrella Rank: 216
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
555 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
175 KB
39 5
Domain Requested by
12 www.blowinthewind.com blowinthewind.com
www.blowinthewind.com
5 pagead2.googlesyndication.com blowinthewind.com
pagead2.googlesyndication.com
5 blowinthewind.com blowinthewind.com
3 fundingchoicesmessages.google.com blowinthewind.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.googletagmanager.com blowinthewind.com
1 www.google.com tpc.googlesyndication.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
39 11

This site contains links to these domains. Also see Links.

Domain
www.blowinthewind.com
Subject Issuer Validity Valid
blowinthewind.com
WE1		 2024-09-30 -
2024-12-29		 3 months crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://blowinthewind.com/
Frame ID: A8E701C5B04AA06E44954AA46816AAE5
Requests: 34 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-C34PKPGCGY&gacid=1902076444.1727698045&gtm=45je49p0v9122667613za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=492029079
Frame ID: 4BD986AC78209CAA2D3294FA0DDEB92B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240925/r20190131/zrt_lookup_fy2021.html
Frame ID: 96D1688F1E338415133317C9C77F87B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1697647680804716&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1727692477&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fblowinthewind.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727698044576&bpp=7&bdt=353&idt=314&shv=r20240925&mjsv=m202409230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8101157633529&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95339782%2C31087428%2C31087430%2C31087435%2C95338229%2C95342016%2C95343328&oid=2&pvsid=4008799761622204&tmod=499044243&uas=0&nvt=1&fsapi=1&fc=1920&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=348
Frame ID: 009E345106B5B1F6E3226F2F81F3CE0E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 545A943FD29EE56C99E51487EF0966D4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D65FE5A28E071FC966971315DCBBEFF6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

39
Requests

90 %
HTTPS

100 %
IPv6

5
Domains

11
Subdomains

11
IPs

1
Countries

879 kB
Transfer

1733 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
blowinthewind.com/ 		29 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3830ac8ac11e9c5f6af63f051f7d017ada452a97a70d2b14123e5496e326a95f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8cb417a65fd44244-EWR
content-encoding
br
content-type
text/html
date
Mon, 30 Sep 2024 12:07:24 GMT
last-modified
Mon, 30 Sep 2024 10:34:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gcebNc6AHZHnM6LmcPhmkNBic%2Bwt8ghVL7AygmDl136e6rmlwjrFIoU%2BQlrs%2BhNkZu62iMxvgJnQRmLjBMjSxadSrp8cXdB0Cl%2BSH4N4n43kXQ417hRBFXJlJAAfM8lINCEjoUGOeERrPkcWV9kCwA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
speculation
blowinthewind.com/cdn-cgi/ 		128 B
564 B 		Other
General
Check archive.org
Download Go to
Full URL
https://blowinthewind.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://blowinthewind.com
Referer
https://blowinthewind.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2BmCZyFKM6UaC93hndMbukMXRjLbzZI2pqwMMdcjYkYL5T9EN9lvHI1QxVcx5qns0Z2EfiwZdC6faX9rBQSlu9c6zLdRvQm9mhyfWx7s%2BC%2FdeuGlWQt5fvqUY2yDVxwt%2FZS3JqyrF%2Fk%2BcggE0bGvuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb417a88a0c4244-EWR
access-control-allow-origin
https://blowinthewind.com
content-length
128
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
pub-1697647680804716
fundingchoicesmessages.google.com/i/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-1697647680804716?ers=1
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
310db8b3316c5323060c928a1515ffedbbd1ef9a57671578534bda01fa2fffb6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-iGZus_g72i47jN1hqE7iag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJi8NaQYjh56zbTRSA-73SH6ToQS3x9yaQGxE7pM1gDgLj15jnWyUCc9O88awEQu2tdZPUH4iURF1kPJF5kNVS4xGoPxI5Fl1g9gVi15xKrMRDfX3eJ9TkQ7_14ifUoEC-9f5l1LRAXSVxhbQBiIR6OPytebWcT-LDr7H1GJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxMDSyMzPQPT-AIDAKMbT3M"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-iGZus_g72i47jN1hqE7iag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
js
www.googletagmanager.com/gtag/ 		329 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C34PKPGCGY
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
697083d30d643c79460439981de4c37eba24045c71eca27e973a50f76fefa921
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 30 Sep 2024 12:07:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109528
x-xss-protection
0
server
Google Tag Manager
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		151 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1697647680804716
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
086910a7675ba0fea333005645f0e1f20d1683862e8e0d99a4c33d2a195f1c75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

content-encoding
br
etag
11040167537002556623
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 12:07:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52469
x-xss-protection
0
server
cafe
site.css
www.blowinthewind.com/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blowinthewind.com/site.css
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a9fd16b853a04c07b48b0c321606d7de74e7e270032ea7971a35bf0f340d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66fa7ebc-348e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yajCSpaf38E3j70Ah4qllp8RGx9EmtUMhfziuRvXkXdXK9xay%2BtB5PRn0UEaldP6HEukAVyn1%2BI%2FWTqUKnQWE4PVvcpRxVIi7EvcFlH%2BMV2YPAkW6shcAGZLmMSxVpQF7PxPoEJwiZq0A%2FijqxHjlPySwhQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb417a8ea6a4244-EWR
expires
Tue, 01 Oct 2024 00:07:24 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
text/css
last-modified
Mon, 30 Sep 2024 10:34:36 GMT
vary
Accept-Encoding
server
cloudflare
font-awesome.min.css
www.blowinthewind.com/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blowinthewind.com/css/font-awesome.min.css
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84b0fb0efcff1c6685a952a2ce350cac267e2950859f0fe394c0d76bc0a3e47f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66fa1fd1-7929"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nr85F4TZ06zvDsBf16uCZ4EqDMt%2FDc2g2Vp%2BWH8un7i3vd%2Bi5CDJnp4CsMrqfwUL9x9mT0%2FQp9CZOdfAhQqPhMDYkXFleN75n4kFZRFMvUshyDEK2uwlRykwdBjr7U5xgGKfN1e4VGcgx4uNROHHUlCeK9g%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb417a8fa6d4244-EWR
expires
Tue, 01 Oct 2024 00:07:24 GMT
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
text/css
last-modified
Mon, 30 Sep 2024 03:49:37 GMT
vary
Accept-Encoding
server
cloudflare
627cbbb7a283e26900.png
www.blowinthewind.com/processed_images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blowinthewind.com/processed_images/627cbbb7a283e26900.png
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5177aaf1f4054939ca96f48b3ea7cc403511b4c24bf996a1530266a4ce3c677

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cf-cache-status
MISS
etag
"66fa7ebf-1a5b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IlcpDqfUuU7LGHsvhVYOnNwkkMtZgjk5QLF0Ei7mMS5bFPrKoVflN4bcjNvmUQgPI6BSsFVbdMJ56OUaa3R2J7FAt7iX%2FUs9n8v9Rc7qeRtTQWMhApsPANnTVXvj%2BtR6cQADb399gH1lWK835bi9YwN6EZY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 30 Oct 2024 12:07:24 GMT
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
image/png
last-modified
Mon, 30 Sep 2024 10:34:39 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cb417a8fa704244-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
6747
server
cloudflare
banner.jpg
blowinthewind.com/ 		220 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blowinthewind.com/banner.jpg
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad0aaa1c654fbd2a453236dbf7cf3e3c3ae60156cdda3fd0a16a685d4a639713

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cf-cache-status
MISS
etag
"66fa1fd1-371b0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AnaDYo8npT2%2BrKrk4DVzRgZ5zDQrDStYC3DdQgdDBgGUOPN%2BksglXDaM%2B42wVL8Ou3TykfGz%2FdQXFHCq587ZnRh%2BA3T0sqaIWk9eAnVxJMEuJu57Fl0%2FF0ykfJ4lWV4Oj6k6WtGKkwmPIz8nenmmAA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 30 Oct 2024 12:07:24 GMT
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
image/jpeg
last-modified
Mon, 30 Sep 2024 03:49:37 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cb417a88a104244-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
225712
server
cloudflare
logo_footer.png
blowinthewind.com/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blowinthewind.com/logo_footer.png
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3fbec495efa1b4c1ed2d87116f7af03a8f6914097b7686d4a5bdf417dde625

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cf-cache-status
MISS
etag
"66fa7d8b-1cdf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wpTeriYW%2Bp6H521Vl%2FwrM%2F7POPt5rgkdXbb%2FOrl2hXgdd8rXG6rL5cX9xhDSo2U6Z8XaBiEjqhDE3kbnUdYP%2BahyfskH%2FeQuYeGTp6lXCAn77EhBrLR%2FqK6XKYRLMJ6pqF%2FYTpHDTQZNceZrWm2lgw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 30 Oct 2024 12:07:24 GMT
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
image/png
last-modified
Mon, 30 Sep 2024 10:29:31 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cb417a8ea644244-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
7391
server
cloudflare
woman.js
www.blowinthewind.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blowinthewind.com/woman.js
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c8110fe4da2a356c3e2c3d1d4c957a70fa484c1044413b59814aeea2561d4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66fa1fd1-d92"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sKxz%2B7gGfNZagwy%2BIrBs6yx5PxZ5JTYMJfgrcqOae7iemZal%2FUlMTs76ZAC%2FYbTVVzBquvsFjgUaG%2F6Vc9OFXOzYONCGselWYFMrPp3ebA5CdHCdjVr7AUT57elRr4K4VkamIJZvagpPdlvYTOTorFI8eNA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb417a8fa6e4244-EWR
expires
Tue, 01 Oct 2024 00:07:24 GMT
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 03:49:37 GMT
vary
Accept-Encoding
server
cloudflare
adlistener.js
www.blowinthewind.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blowinthewind.com/js/adlistener.js
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85012857584f0c58a9f18c758ba46d47846d090a526aabbc77c7f1cb51c108e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"66fa1fd1-77d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uIWBIA6YAMAr1nxJbZOBvbj61B55fRUFIu7pcC0SHjr8Lm2rR5%2BmW%2FO0%2BuMKB5eEOkeCS%2FLWPpro0wBFPYB59m43d2Aul71vzym8sTMPMXNYmnMqhIF3AGaComyRMJANqYZYdd5Uyck9lTJRLg5mCgufK0c%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb417a8ea6b4244-EWR
expires
Tue, 01 Oct 2024 00:07:24 GMT
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 03:49:37 GMT
vary
Accept-Encoding
server
cloudflare
pub-1697647680804716
fundingchoicesmessages.google.com/b/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-1697647680804716
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c22ece9b9dbc4ea5563058fa978371b66558ac2473e417133d79796fa834ca95
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vWb6XPe-t61EcN18CwEG_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B-IlERdZDyReZDVUuMRqD8SORZdYPYFYtecSqzEQ3193ifU5EO_9eIn1KBAvvX-ZdS0QF0lcYW0AYiEejj8rXm1nE_gxvf8do5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgaWRmZ6BaXyBAQAi-kog"
content-security-policy
script-src 'report-sample' 'nonce-vWb6XPe-t61EcN18CwEG_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/ 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TKVTQB29
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2b8daa0c471d4e88653f7bc333c987a236d2b2f5891fefd5879af0a42a12162
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 30 Sep 2024 12:07:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
68723
x-xss-protection
0
server
Google Tag Manager
AGSKWxU5CFxGufegO-4nTHUEBmZKuJTV2gRdYkOnP6bUQZ7jkQG9SD_6nOIvPFM-fe_2b0w52SBdxS-KaJsXE1IwlzNOWQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU5CFxGufegO-4nTHUEBmZKuJTV2gRdYkOnP6bUQZ7jkQG9SD_6nOIvPFM-fe_2b0w52SBdxS-KaJsXE1IwlzNOWQ==
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c07::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eSEAWVihnvehQTayviy3dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmLw1ZBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiX3r_MuhaIhXg4_qx4tZ1N4MTlTZOYlVyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGJgaWRmZ6BeXyBAQCqfjN0"
content-security-policy
script-src 'report-sample' 'nonce-eSEAWVihnvehQTayviy3dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://blowinthewind.com
content-length
0
x-xss-protection
0
server
ESF
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409230101/ 		90 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409230101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1697647680804716
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c98ca5bde6f0d74e5bb260da190b429c51a056b3e9a2fa671a90e956db12ac8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

content-encoding
br
etag
2882380270028207977
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-length
32079
x-xss-protection
0
server
cafe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409230101/ 		409 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409230101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1697647680804716
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c76faddd13e0d946b9b0a6c93657fdd4d21518b30f22fbb1a25cf304d8b14971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

content-encoding
br
etag
3801393234934599253
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 12:07:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
140482
x-xss-protection
0
server
cafe
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-C34PKPGCGY&gtm=45je49p0v9122667613za200&_p=1727698044287&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=1902076444.1727698045&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1727698044&sct=1&seg=0&dl=https%3A%2F%2Fblowinthewind.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=907
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C34PKPGCGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://blowinthewind.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
555 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C34PKPGCGY&cid=1902076444.1727698045&gtm=45je49p0v9122667613za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C34PKPGCGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://blowinthewind.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:07:24 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 4BD9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-C34PKPGCGY&gacid=1902076444.1727698045&gtm=45je49p0v9122667613za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=492029079
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C34PKPGCGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blowinthewind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Sep 2024 12:07:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fontawesome-webfont.woff2
www.blowinthewind.com/font/ 		0
0
34097bf30a1a41f500.jpg
www.blowinthewind.com/processed_images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blowinthewind.com/processed_images/34097bf30a1a41f500.jpg
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d98b2c91cfc00c1d5211240af0a31640b5c423dbce79f35740a18cfd38f9485

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cf-cache-status
MISS
etag
"66fa207b-6111"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f4%2F32Ptby3HVCEma1UCrDPxXv14Oo11oMh6dMUK5oKQgLh%2BorKtAa3HSmq51RLT3NdoyQD0Nipirm9WiGs6N7eGMmaCBSMGfW7%2BFlXxRmiMb7eM%2Bq2lm2r%2F7KVhQNNtqxq6YdAwT3OrmxIbXK69R1eVCLBU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 30 Oct 2024 12:07:25 GMT
date
Mon, 30 Sep 2024 12:07:26 GMT
content-type
image/jpeg
last-modified
Mon, 30 Sep 2024 03:52:27 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cb417ac3d814244-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
24849
server
cloudflare
85b91b76e4610e0c00.jpg
www.blowinthewind.com/processed_images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blowinthewind.com/processed_images/85b91b76e4610e0c00.jpg
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52817ae7893ae483775eb466ab4d2c52394ce3c489b4fe8fcbd80d8d1b9ef935

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cf-cache-status
MISS
etag
"66fa2075-8503"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7yTX28e5fYNTwEy4DHclLPPWES%2B26rXaaCazIfRJ1nT1utcTZ61igh72miDvujqzUvzDY6BGeATRuFNuGgA6%2BVZ3u1OXmEweNiyLX0HyF%2BuQjmeU67zRZ3SA4i5PxdxDx6FlpDfjMroz%2F3ij6F7FrLPVfek%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 30 Oct 2024 12:07:25 GMT
date
Mon, 30 Sep 2024 12:07:26 GMT
content-type
image/jpeg
last-modified
Mon, 30 Sep 2024 03:52:21 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cb417ac3d864244-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
34051
server
cloudflare
fab24e4d066e3bc600.jpg
www.blowinthewind.com/processed_images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blowinthewind.com/processed_images/fab24e4d066e3bc600.jpg
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c33753453b35a1d78fea2e7f7dc3a452eeaffbbe5295c80d775b5bd57eeffdf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cf-cache-status
MISS
etag
"66fa206d-3afe"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gx%2FEEFYQWGv%2BbKYNsUmvolCY%2BVa%2FynAGWUv3GbxVu1ZQObyB61nS0frZY2p4s%2BIYsYvp9PoRIv4ZIYXrJ6pHIVlVNmOFGYsOlBwK68zXXrlIcv5xBukS5v5X7XYRi1oWeVp4hjGuIvVHRAJHZExIUaoF3zU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 30 Oct 2024 12:07:25 GMT
date
Mon, 30 Sep 2024 12:07:26 GMT
content-type
image/jpeg
last-modified
Mon, 30 Sep 2024 03:52:13 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cb417ac3d8a4244-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
15102
server
cloudflare
0115c151d7fc8fc000.jpg
www.blowinthewind.com/processed_images/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blowinthewind.com/processed_images/0115c151d7fc8fc000.jpg
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b50934c489f6dd29814fb6b53e350643bce9baafdb2e1b0941c056af369a3169

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cf-cache-status
MISS
etag
"66fa2076-71b7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bh9YTv10Fv%2BZXZZyHE9w5PfilC6We2sjhJD9Qj9KRB8RfyIjDnJHlp%2BHCuSXN53GN%2FzAlAzqMQBHKFq54enyiJEkWqkqC9URQCulfjD1Eq02IiysnzRpj86JGHUSB%2B26r%2BZ8jQxLXrOFDHeBbXfZzlJ5CG4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 30 Oct 2024 12:07:25 GMT
date
Mon, 30 Sep 2024 12:07:26 GMT
content-type
image/jpeg
last-modified
Mon, 30 Sep 2024 03:52:22 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cb417ac3d8b4244-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
29111
server
cloudflare
aaccd348f63c43fe00.jpg
www.blowinthewind.com/processed_images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blowinthewind.com/processed_images/aaccd348f63c43fe00.jpg
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35dbcac1b9837afc9de1af579c8c9c5221937f79901ddf1276c12198c2350790

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cf-cache-status
MISS
etag
"66fa206f-527f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xsLisb46cmZXHMUSTJSn2f3aJSMA8OVC6aBIClmqXgOI0Ig72qDpy5Ynuu5e3p4WpmHaUq5ibiQ4RYoMDfLFS8YzxaBnxk%2BvrgK3Ma4FdKYYYDUzwEqHm04iullD42fwspXTahfCEDHoeo8fwpxvFzgyqZw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 30 Oct 2024 12:07:25 GMT
date
Mon, 30 Sep 2024 12:07:27 GMT
content-type
image/jpeg
last-modified
Mon, 30 Sep 2024 03:52:15 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cb417ac3d8d4244-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
21119
server
cloudflare
da6bc0972fb55f5000.jpg
www.blowinthewind.com/processed_images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blowinthewind.com/processed_images/da6bc0972fb55f5000.jpg
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5a3cc416ed4b627f99b342fdd7cd3fb65dc48e6e2e3bfc41918db2923f1cd5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cf-cache-status
MISS
etag
"66fa2074-6b36"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2BmetEzoCHPhJ%2BJMIMtWXpG0vlz32DeWa4mKz94AJwVp9U7sAwGrwOsj1%2FyqkHw%2FcY3nLxIlA0ffDTXJGXKaQfBvXNLl70Z5NJ2aoFtleIKoZxiPYH2YiJj%2FlKRVEgs%2Bl3d%2FEf1ovgIktuH7m2CJZZ9j2u0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 30 Oct 2024 12:07:25 GMT
date
Mon, 30 Sep 2024 12:07:27 GMT
content-type
image/jpeg
last-modified
Mon, 30 Sep 2024 03:52:20 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cb417ac3d904244-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
27446
server
cloudflare
dbef4af0e659490000.jpg
www.blowinthewind.com/processed_images/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blowinthewind.com/processed_images/dbef4af0e659490000.jpg
Requested by
Host: blowinthewind.com
URL: https://blowinthewind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6066b7797bd7d3640bc9484fa9bca534b3b25715a9fedb088161ece63af5de93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cf-cache-status
MISS
etag
"66fa207c-7909"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C3rca%2FAhUW4CbAgpifoXMb3rRNUKVdCPL6VVNagYNmCrX5D5cRmxsaD7Rnicx4w9hD57tOsPVy6VZU3cBADb7VZtceWCWdT2ghFafF6VE4JbAUTdPNNKV0S8B3u0fvx4gukfYE8yhmIruyy7kxIoYm9rkXQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 30 Oct 2024 12:07:25 GMT
date
Mon, 30 Sep 2024 12:07:27 GMT
content-type
image/jpeg
last-modified
Mon, 30 Sep 2024 03:52:28 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cb417ac3d924244-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
30985
server
cloudflare
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1697647680804716
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://blowinthewind.com/

Response headers
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240925/r20190131/ Frame 96D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240925/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409230101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blowinthewind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
2411
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Sep 2024 11:27:14 GMT
etag
13108003645644964576
expires
Mon, 14 Oct 2024 11:27:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 009E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1697647680804716&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1727692477&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fblowinthewind.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727698044576&bpp=7&bdt=353&idt=314&shv=r20240925&mjsv=m202409230101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8101157633529&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95339782%2C31087428%2C31087430%2C31087435%2C95338229%2C95342016%2C95343328&oid=2&pvsid=4008799761622204&tmod=499044243&uas=0&nvt=1&fsapi=1&fc=1920&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=348
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409230101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c1d::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blowinthewind.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Sep 2024 12:07:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fontawesome-webfont.woff
www.blowinthewind.com/font/ 		0
0
fontawesome-webfont.ttf
www.blowinthewind.com/font/ 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240925&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409230101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac994c131888393ecedb7622b50f6a63a17cf97262afdfa852208c68ef3d658b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12890
date
Mon, 30 Sep 2024 12:07:30 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
blowinthewind.com/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://blowinthewind.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:29a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03124669d8264238b2b0e0402bfb5e9f994507a4e428ec8b7022fca7073675

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66fa1fd1-f91"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ltXUBRbigpG9at48DoS9tZzqoqMAG3NRd7iqA7F0WzFmk31PWZnJH3ugHK%2BfJWigc1gdq3VdYgkmLvopFMnaMaY8iywMm%2FVA8ljWGKjXgvylmmWazuldkrKwpJvu%2B2m%2Fgsums5%2BYk0OXSDgfscM2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb417cd5cf64244-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Sep 2024 12:07:30 GMT
content-type
image/x-icon
last-modified
Mon, 30 Sep 2024 03:49:37 GMT
vary
Accept-Encoding
server
cloudflare
sodar2.js
tpc.googlesyndication.com/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409230101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blowinthewind.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 12:07:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:07:30 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 545A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blowinthewind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
469017
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Sep 2024 01:50:33 GMT
expires
Thu, 25 Sep 2025 01:50:33 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D65F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c01::68 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g8Q0JUdST69eHa4P05mDVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blowinthewind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-g8Q0JUdST69eHa4P05mDVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Sep 2024 12:07:30 GMT
expires
Mon, 30 Sep 2024 12:07:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.blowinthewind.com
URL
https://www.blowinthewind.com/font/fontawesome-webfont.woff2
Domain
www.blowinthewind.com
URL
https://www.blowinthewind.com/font/fontawesome-webfont.woff
Domain
www.blowinthewind.com
URL
https://www.blowinthewind.com/font/fontawesome-webfont.ttf
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20240925&jk=4008799761622204&bg=!hIelh8jNAAbzZSz302U7ADQBe5WfOKpcWA7KO6Ak2HR1KY9vQyQKsD__KDGeuUC_9ku-EUsald5xc_LXTxNQmGQM0DyEAgAAAF9SAAAAA2gBB34ANta5JW9ut7KTH30eVBvWWNxG8iohRJD_NByMH097wA0TQFOB12GuhGQBSAz04OLRc7RvHB2bO5kCqktHLfSgidd0oRd6myAJoU12LSWxrO4ZzzPi2mFsf8MtwU9KPsGcgJHj_e2FtPDWq8ODCTcdedan4ltNghTpsLzZptkHqQr7ZzNCcd6_rgri4mKhrpY-FLfzD1KkDlFbtdggjg4Q1snIH5Yh1qFU69L27A93GlrWGe3xj_0sI0uiB1u6D6KcxSFEUbVc2wBKV2eYaStSUqB0n00bEw-GArV-3qtD0CdiRz0U9oMTbncQkMqUpYakJn4fOe8LrF1iICdYOX_kEw1NmQrDSk5IazeRbozlAPexzL0X-khLooan3NzZEYPm2xC18-e8ckWtc87-OHOAjwY4Av3n2F2D5M0iYG3-8olQO6Lvt6FHrZwtpbWj_36UmxRDFkH7aJWqXahodCMwDwgeR2-bVaXt5-OiRV1U8LI_gcQcwhkkmGp0kGkmAhwNidNMpe53dLNx1LG6C5kjKDjP67fHLO4xcKjy7pBJqrT8wVxy06vOji0_A3Gn-TSWt7opgG_4N5yxLjaVcXi86ppNmaHdSmTevpyeaRRpr0gC9U0Cs9F7nwfkf-6AFeY-lP7QjalelW-fH3rJHzOcuArRwpTZpNyPGCGqOUaG7sF4P5e_K6JXuOj3EiGeVS0rRWFM5LGyCAF8S1RVGAscNgSAJdoR7Vj3UFaHrdlMo7gj3ikTztnaPAHQ0j6DK_I1LbczIYkkh9DF5JO69_IO1XmMJN2OD-l0ZHATgEJ5G2itbrjoO0QNy2dGSkQt4JsXsTZZK_4Risf6T0rj5NonAk8abgTYanE75Srfg7vzEYvOchEnsFLVXV0wBE-Zw21vDBN2GF4SLJXUfceZ-YYVMFv0Ex1qa5XXOiDWT6P-xqDHzeLe9hyrcqgWIKuPBe2dRKQneDh_RA0zQxQ2mGt75K3RipI

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| pg function| __h82AlnkH6D91__ object| dataLayer function| gtag function| __an6na521li18__ string| bG9hZGVyX2pz string| Y2FjaGVkX2pz object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __p4qa8r1lb17__ string| cHViLTE2OTc2NDc2ODA4MDQ3MTY= object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_manager string| google_user_agent_client_hint object| googletag function| onYouTubeIframeAPIReady object| gaGlobal function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| init function| formSubmit function| startAdListen object| ad_listen_init object| targetDivs function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

3 Cookies

Domain/Path Name / Value
.blowinthewind.com/ Name: _ga_C34PKPGCGY
Value: GS1.1.1727698044.1.0.1727698044.60.0.0
.blowinthewind.com/ Name: _ga
Value: GA1.1.1902076444.1727698045
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

6 Console Messages

Source Level URL
Text
javascript error URL: https://blowinthewind.com/
Message:
Access to font at 'https://www.blowinthewind.com/font/fontawesome-webfont.woff2' from origin 'https://blowinthewind.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.blowinthewind.com/font/fontawesome-webfont.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://blowinthewind.com/
Message:
Access to font at 'https://www.blowinthewind.com/font/fontawesome-webfont.woff' from origin 'https://blowinthewind.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.blowinthewind.com/font/fontawesome-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://blowinthewind.com/
Message:
Access to font at 'https://www.blowinthewind.com/font/fontawesome-webfont.ttf' from origin 'https://blowinthewind.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.blowinthewind.com/font/fontawesome-webfont.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
blowinthewind.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stats.g.doubleclick.net
td.doubleclick.net
tpc.googlesyndication.com
www.blowinthewind.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
www.blowinthewind.com
2001:4860:4802:34::181
2606:4700:3035::6815:29a
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c0b::9b
2607:f8b0:400d:c01::68
2607:f8b0:400d:c04::61
2607:f8b0:400d:c07::71
2607:f8b0:400d:c0b::84
2607:f8b0:400d:c0d::9d
2607:f8b0:400d:c1d::9a
086910a7675ba0fea333005645f0e1f20d1683862e8e0d99a4c33d2a195f1c75
0d98b2c91cfc00c1d5211240af0a31640b5c423dbce79f35740a18cfd38f9485
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
22c8110fe4da2a356c3e2c3d1d4c957a70fa484c1044413b59814aeea2561d4a
310db8b3316c5323060c928a1515ffedbbd1ef9a57671578534bda01fa2fffb6
35dbcac1b9837afc9de1af579c8c9c5221937f79901ddf1276c12198c2350790
3830ac8ac11e9c5f6af63f051f7d017ada452a97a70d2b14123e5496e326a95f
470a9fd16b853a04c07b48b0c321606d7de74e7e270032ea7971a35bf0f340d8
52817ae7893ae483775eb466ab4d2c52394ce3c489b4fe8fcbd80d8d1b9ef935
6066b7797bd7d3640bc9484fa9bca534b3b25715a9fedb088161ece63af5de93
697083d30d643c79460439981de4c37eba24045c71eca27e973a50f76fefa921
6c33753453b35a1d78fea2e7f7dc3a452eeaffbbe5295c80d775b5bd57eeffdf
84b0fb0efcff1c6685a952a2ce350cac267e2950859f0fe394c0d76bc0a3e47f
85012857584f0c58a9f18c758ba46d47846d090a526aabbc77c7f1cb51c108e4
a5177aaf1f4054939ca96f48b3ea7cc403511b4c24bf996a1530266a4ce3c677
a5a3cc416ed4b627f99b342fdd7cd3fb65dc48e6e2e3bfc41918db2923f1cd5b
aa03124669d8264238b2b0e0402bfb5e9f994507a4e428ec8b7022fca7073675
ac994c131888393ecedb7622b50f6a63a17cf97262afdfa852208c68ef3d658b
ad0aaa1c654fbd2a453236dbf7cf3e3c3ae60156cdda3fd0a16a685d4a639713
b2b8daa0c471d4e88653f7bc333c987a236d2b2f5891fefd5879af0a42a12162
b50934c489f6dd29814fb6b53e350643bce9baafdb2e1b0941c056af369a3169
c22ece9b9dbc4ea5563058fa978371b66558ac2473e417133d79796fa834ca95
c76faddd13e0d946b9b0a6c93657fdd4d21518b30f22fbb1a25cf304d8b14971
c98ca5bde6f0d74e5bb260da190b429c51a056b3e9a2fa671a90e956db12ac8a
cc3fbec495efa1b4c1ed2d87116f7af03a8f6914097b7686d4a5bdf417dde625
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99