URL: http://sandefur.us/
Submission: On May 23 via manual from US

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 69 HTTP transactions. The main IP is 104.27.175.219, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is sandefur.us.
This is the only time sandefur.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 104.27.175.219 13335 (CLOUDFLAR...)
24 104.27.174.219 13335 (CLOUDFLAR...)
1 172.217.22.106 15169 (GOOGLE)
10 216.58.208.34 15169 (GOOGLE)
4 172.217.22.99 15169 (GOOGLE)
2 46.105.201.240 16276 (OVH)
2 216.58.206.2 15169 (GOOGLE)
1 208.43.241.178 36351 (SOFTLAYER)
1 69.4.231.31 36351 (SOFTLAYER)
1 107.182.233.217 29854 (WESTHOST)
69 11
Domain Requested by
47 sandefur.us sandefur.us
6 pagead2.googlesyndication.com sandefur.us
pagead2.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 fonts.gstatic.com sandefur.us
2 s10.histats.com sandefur.us
s10.histats.com
1 t.dtscout.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 s4.histats.com s10.histats.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 fonts.googleapis.com sandefur.us
69 11

This site contains links to these domains. Also see Links.

Domain
www.histats.com
mythemeshop.com
Subject Issuer Validity Valid
*.g.doubleclick.net
Google Internet Authority G3
2018-04-17 -
2018-07-10
3 months crt.sh

This page contains 9 frames:

Primary Page: http://sandefur.us/
Frame ID: 0D59B3A7C60C26F7734E2C18813F83C4
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180521/r20180518/zrt_lookup.html
Frame ID: 4479B868210F18ED8FEEE37DA2364FA9
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/show_ads_impl.js
Frame ID: E7FAFBC95B76CFCA1D148563F14DE0BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5831208074616821&output=html&adk=1812271804&adf=3025194257&lmt=1527101444&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2&format=0x0&url=http%3A%2F%2Fsandefur.us%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1527101444684&bpp=10&bdt=269&fdt=13&idt=128&shv=r20180521&cbv=r20180518&saldr=aa&abxe=1&correlator=408063396858&frm=20&ga_vid=516979726.1527101445&ga_sid=1527101445&ga_hid=1994444707&ga_fc=0&pv=2&iag=0&icsg=201296572&dssz=20&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122&oid=3&rx=0&eae=2&fc=784&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cnr%7C&abl=CS&ppjl=u&fu=16&bc=7&ifi=0&dtd=145
Frame ID: ED0C8A148402CF3EE01634EB851E32AE
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/show_ads_impl.js
Frame ID: 1D173738A3A6D3F6CA97AE109248C3FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5831208074616821&output=html&h=600&slotname=1965826557&adk=4190206193&adf=3839979314&w=300&fwrn=4&fwrnh=100&lmt=1527101444&rafmt=1&guci=1.2.0.0.2.2&format=300x600&url=http%3A%2F%2Fsandefur.us%2F&flash=0&fwr=0&rh=0&rw=299.828&resp_fmts=4&wgl=1&adsid=NT&dt=1527101444697&bpp=22&bdt=283&fdt=142&idt=144&shv=r20180521&cbv=r20180518&saldr=aa&abxe=1&prev_fmts=0x0&correlator=408063396858&frm=20&ga_vid=516979726.1527101445&ga_sid=1527101445&ga_hid=1994444707&ga_fc=0&pv=1&iag=0&icsg=738167484&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=334&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122&oid=3&rx=0&eae=0&fc=784&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&xpc=Ra6bHmF0Sp&p=http%3A//sandefur.us&dtd=151
Frame ID: 6DC4250461B87975CDC3660AC300F0BF
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/show_ads_impl.js
Frame ID: 7EC578112E01D5071AFA4209D1E10503
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5831208074616821&output=html&h=600&adk=993631037&adf=4039692676&w=300&fwrn=4&fwrnh=100&lmt=1527101444&rafmt=1&to=qs&pwprc=2038695137&guci=1.2.0.0.2.2&format=300x600&url=http%3A%2F%2Fsandefur.us%2F&flash=0&fwr=0&rh=0&rw=299.828&resp_fmts=4&wgl=1&adsid=NT&dt=1527101444935&bpp=3&bdt=520&fdt=4&idt=5&shv=r20180521&cbv=r20180518&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&correlator=408063396858&frm=20&ga_vid=516979726.1527101445&ga_sid=1527101445&ga_hid=1994444707&ga_fc=0&pv=1&iag=0&icsg=738167484&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=1379&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122&oid=3&rx=0&eae=0&fc=784&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&xpc=gIXwTZdfTl&p=http%3A//sandefur.us&dtd=10
Frame ID: 15E41C88B0FDC2A3CEC96529F28506BB
Requests: 1 HTTP requests in this frame

Frame: http://t.dtscout.com/idg/
Frame ID: 0D23BE78B769789361E5E9405A200D4B
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast/i

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^List$/i

Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

69
Requests

6 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

9229 kB
Transfer

10144 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
sandefur.us/
57 KB
11 KB
Document
General
Full URL
http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f20d4a0e7f581fd0d5fec3ae7bb0d43d900f6761de2a6afb840aac24b74f1295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
sandefur.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
0D59B3A7C60C26F7734E2C18813F83C4

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443; expires=Thu, 23-May-19 18:50:43 GMT; path=/; domain=.sandefur.us; HttpOnly
Vary
Accept-Encoding
Link
<http://sandefur.us/wp-json/>; rel="https://api.w.org/"
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Server
cloudflare
CF-RAY
41f9b5b2e1cb97e6-FRA
Content-Encoding
gzip
styles.css
sandefur.us/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
http://sandefur.us/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.1
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e36067ffbde51faec89f96ebe1fd08513be4a97d109cc8130dcdc9cf3f4590d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 08 Mar 2018 02:25:05 GMT
Server
cloudflare
ETag
W/"5aa09f01-693"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
41f9b5bba6e097e6-FRA
Expires
Fri, 22 Jun 2018 18:50:44 GMT
style.css
sandefur.us/wp-content/themes/schema-lite/
49 KB
12 KB
Stylesheet
General
Full URL
http://sandefur.us/wp-content/themes/schema-lite/style.css?ver=4.9.5
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a15f7b1376076cb187acc74038ed90276d29c47908059471b225bf9175d6ff3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 21 Feb 2018 10:41:42 GMT
Server
cloudflare
ETag
W/"5a8d4ce6-c57f"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
41f9b5bba3199720-FRA
Expires
Fri, 22 Jun 2018 18:50:44 GMT
css
fonts.googleapis.com/
1 KB
443 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
SPDY
Server
172.217.22.106 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f106.1e100.net
Software
ESF /
Resource Hash
51a7ea31dd4530bbf4d4e4317b0b61ce85603ab4255644ab69b1a021a99854d4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 23 May 2018 18:50:44 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Wed, 23 May 2018 18:50:44 GMT
jquery.js
sandefur.us/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
http://sandefur.us/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 23 May 2016 09:00:29 GMT
Server
cloudflare
ETag
W/"5742c6ad-17ba0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
41f9b5bba4619712-FRA
Expires
Fri, 22 Jun 2018 18:50:44 GMT
jquery-migrate.min.js
sandefur.us/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
http://sandefur.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 20 May 2016 06:11:28 GMT
Server
cloudflare
ETag
W/"573eaa90-2748"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
41f9b5bba66297c8-FRA
Expires
Fri, 22 Jun 2018 18:50:44 GMT
customscripts.js
sandefur.us/wp-content/themes/schema-lite/js/
3 KB
1 KB
Script
General
Full URL
http://sandefur.us/wp-content/themes/schema-lite/js/customscripts.js?ver=4.9.5
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6856379ccc3fe72eac3b66760cad72f22a62b1ae190f6347303b088572fd6b51

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 21 Feb 2018 10:41:42 GMT
Server
cloudflare
ETag
W/"5a8d4ce6-cb0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
41f9b5bba3ac26ea-FRA
Expires
Fri, 22 Jun 2018 18:50:44 GMT
list.min.js
sandefur.us/wp-content/themes/schema-lite/js/
18 KB
6 KB
Script
General
Full URL
http://sandefur.us/wp-content/themes/schema-lite/js/list.min.js?ver=4.9.5
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a388a7833280dc7dfe5716af9969711f3c2a2fcc34c5af249907d1e2be7c73

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 21 Feb 2018 10:41:42 GMT
Server
cloudflare
ETag
W/"5a8d4ce6-46b5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
41f9b5bba6e797e6-FRA
Expires
Fri, 22 Jun 2018 18:50:44 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
73 KB
27 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
5067363d2f239dad07de1275b5636c0b33b595f586284fd55cd9b976be9cf4db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 23 May 2018 18:50:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
3608516497836850263
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
27479
X-XSS-Protection
1; mode=block
Expires
Wed, 23 May 2018 18:50:44 GMT
1519538700-Chocolate20and20Honey20Brown20Bob.jpg
sandefur.us/wp-content/uploads/2018/02/
265 KB
265 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519538700-Chocolate20and20Honey20Brown20Bob.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58ba26992db7168e4bb2e589b1eace645e912b712d7fdc9037349ce91b234dae

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:45 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 06:05:02 GMT
Server
cloudflare
ETag
"5a92520e-4235d"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5bc33cd26ea-FRA
Content-Length
271197
Expires
Fri, 22 Jun 2018 18:50:44 GMT
1519538691-Textured20Brown20Ombre20Hair.jpg
sandefur.us/wp-content/uploads/2018/02/
186 KB
186 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519538691-Textured20Brown20Ombre20Hair.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88dddd50fe157cc0832d8d0a36b52d1ea07fd02b2b72371a6eba83574584b023

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 25 Feb 2018 06:04:53 GMT
Server
cloudflare
ETag
"5a925205-2e60a"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5bc349d9712-FRA
Content-Length
189962
Expires
Fri, 22 Jun 2018 18:50:44 GMT
1519538654-5570bee747fb88d7663dca8837b7e1c7.jpg
sandefur.us/wp-content/uploads/2018/02/
221 KB
222 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519538654-5570bee747fb88d7663dca8837b7e1c7.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c1aa93b1bc8d604237713ea9c65e6de352ba01b4d053fea706eab07113a2aba

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:46 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 06:04:14 GMT
Server
cloudflare
ETag
"5a9251de-375c4"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5bc33539720-FRA
Content-Length
226756
Expires
Fri, 22 Jun 2018 18:50:45 GMT
1519538672-organic-hair-dye.jpg
sandefur.us/wp-content/uploads/2018/02/
460 KB
460 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519538672-organic-hair-dye.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c26149cdd52705382cd15273feb70f7a33e7919010273e129bdee3301b742222

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 25 Feb 2018 06:04:34 GMT
Server
cloudflare
ETag
"5a9251f2-72f10"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5bc36af97c8-FRA
Content-Length
470800
Expires
Fri, 22 Jun 2018 18:50:44 GMT
1519538660-6b7d52e6-186d-41bc-b7c5-c4203f8ea2cf_2.c4879f0820d81f0d74af5cde73899daf.jpeg
sandefur.us/wp-content/uploads/2018/02/
783 KB
784 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519538660-6b7d52e6-186d-41bc-b7c5-c4203f8ea2cf_2.c4879f0820d81f0d74af5cde73899daf.jpeg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cc6d007075e70fa0e0a8944a0c195985fc7d0a35554ae3b23fc5dd1f84f75ff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:45 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 06:04:27 GMT
Server
cloudflare
ETag
"5a9251eb-c3d1c"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5bc373597e6-FRA
Content-Length
802076
Expires
Fri, 22 Jun 2018 18:50:45 GMT
1519539800-Short-soft-wavy-bob-haircut-for-girls.jpg
sandefur.us/wp-content/uploads/2018/02/
187 KB
188 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519539800-Short-soft-wavy-bob-haircut-for-girls.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9cd9bd5161687518818a383f1269d7a3214a28b91c1baf0eebafeee7c04f3a6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 25 Feb 2018 06:23:20 GMT
Server
cloudflare
ETag
"5a925658-2ecd3"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5bc373b97e6-FRA
Content-Length
191699
Expires
Fri, 22 Jun 2018 18:50:44 GMT
Cookie set 1519539753-long-new-hair-cut-pinterest-s-cuts-long-naturally-curly-angled-bob-new-hair-cut-pinterest-s-and-cuts-redhead-short-red.jpg
sandefur.us/wp-content/uploads/2018/02/
239 KB
239 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519539753-long-new-hair-cut-pinterest-s-cuts-long-naturally-curly-angled-bob-new-hair-cut-pinterest-s-and-cuts-redhead-short-red.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e44f67b180472b497c8de7d22638ee88cf3af042e33c1add1589104a6f5a4a96

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:46 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 06:22:34 GMT
Server
cloudflare
ETag
"5a92562a-3bacc"
Vary
Accept-Encoding
Content-Type
image/jpeg
Set-Cookie
__cfduid=d30dd47c61021b063b4552e2f78be5d7c1527101444; expires=Thu, 23-May-19 18:50:44 GMT; path=/; domain=.sandefur.us; HttpOnly
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5bcb77b97e6-FRA
Content-Length
244428
Expires
Fri, 22 Jun 2018 18:50:45 GMT
Cookie set 1519539737-maxresdefault.jpg
sandefur.us/wp-content/uploads/2018/02/
233 KB
234 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519539737-maxresdefault.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
222412977d7bc9120b1e08965ba9c3185bc7521521025cee69d240320262785e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:46 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 06:22:17 GMT
Server
cloudflare
ETag
"5a925619-3a479"
Vary
Accept-Encoding
Content-Type
image/jpeg
Set-Cookie
__cfduid=d87fb84fbf74581a100232be85daca1601527101444; expires=Thu, 23-May-19 18:50:44 GMT; path=/; domain=.sandefur.us; HttpOnly
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5bd073197c8-FRA
Content-Length
238713
Expires
Fri, 22 Jun 2018 18:50:45 GMT
Cookie set 1519539742-lob-short-natural-curls-with-hair-shoulder-length-curly-angled-bob-balayage-highlight-on-lob-short-natural-curls-with-hairstyles-medium-hairstyles.jpg
sandefur.us/wp-content/uploads/2018/02/
331 KB
331 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519539742-lob-short-natural-curls-with-hair-shoulder-length-curly-angled-bob-balayage-highlight-on-lob-short-natural-curls-with-hairstyles-medium-hairstyles.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8879a36c269ad5a0b58f817ee19bce0175fcd4e8b17b105e1d1ce5cab4862c5b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
HstCfa4016989=1527101444774; HstCla4016989=1527101444774; HstCmu4016989=1527101444774; HstPn4016989=1; HstPt4016989=1; HstCnv4016989=1; HstCns4016989=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:45 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 06:22:23 GMT
Server
cloudflare
ETag
"5a92561f-52a0e"
Vary
Accept-Encoding
Content-Type
image/jpeg
Set-Cookie
__cfduid=d5fc23b2718b5a9195eb405d7a98f8ffc1527101445; expires=Thu, 23-May-19 18:50:45 GMT; path=/; domain=.sandefur.us; HttpOnly
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5c0f53626ea-FRA
Content-Length
338446
Expires
Fri, 22 Jun 2018 18:50:45 GMT
1519539730-b2612340d47991480cef8543b6fd6f5a.jpg
sandefur.us/wp-content/uploads/2018/02/
173 KB
174 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519539730-b2612340d47991480cef8543b6fd6f5a.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1d679ce92eb61b08a32b42113b6edd56e67600237be25fa49b667cb67bce2e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
HstCfa4016989=1527101444774; HstCla4016989=1527101444774; HstCmu4016989=1527101444774; HstPn4016989=1; HstPt4016989=1; HstCnv4016989=1; HstCns4016989=1; __cfduid=d30dd47c61021b063b4552e2f78be5d7c1527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:46 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 06:22:10 GMT
Server
cloudflare
ETag
"5a925612-2b54f"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5c9f7b126ea-FRA
Content-Length
177487
Expires
Fri, 22 Jun 2018 18:50:46 GMT
1519552363-77ea9d542ec26ed8b24700ebc2ada593-short-wavy-hairstyles-hairstyles-.jpg
sandefur.us/wp-content/uploads/2018/02/
143 KB
143 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519552363-77ea9d542ec26ed8b24700ebc2ada593-short-wavy-hairstyles-hairstyles-.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eff2b4e9a1ce0665660281b8705e2ba1eb0516f8a0567b2e2902305ae2a90c0c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
HstCfa4016989=1527101444774; HstCla4016989=1527101444774; HstCmu4016989=1527101444774; HstPn4016989=1; HstPt4016989=1; HstCnv4016989=1; HstCns4016989=1; __cfduid=d30dd47c61021b063b4552e2f78be5d7c1527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:47 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 09:52:43 GMT
Server
cloudflare
ETag
"5a92876b-23bae"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5ca10da9720-FRA
Content-Length
146350
Expires
Fri, 22 Jun 2018 18:50:46 GMT
1519552319-best-25-curly-bob-bangs-ideas-only-on-pinterest-curly-bangs-in-milla-jovovich-short-hairstyle-sexy-curled-out-bob-cut.jpg
sandefur.us/wp-content/uploads/2018/02/
234 KB
234 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519552319-best-25-curly-bob-bangs-ideas-only-on-pinterest-curly-bangs-in-milla-jovovich-short-hairstyle-sexy-curled-out-bob-cut.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca40cf3c3781547120d4a0e2da04ef4b227877ab3322eed8dc64aa47c55e8ed

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
HstCfa4016989=1527101444774; HstCla4016989=1527101444774; HstCmu4016989=1527101444774; HstPn4016989=1; HstPt4016989=1; HstCnv4016989=1; HstCns4016989=1; __cfduid=d30dd47c61021b063b4552e2f78be5d7c1527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:47 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 09:52:00 GMT
Server
cloudflare
ETag
"5a928740-3a777"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5ca25cc97c8-FRA
Content-Length
239479
Expires
Fri, 22 Jun 2018 18:50:46 GMT
1519552344-690909347c96096141ef27dbc3d01f36-curly-hair-bangs-curly-girl.jpg
sandefur.us/wp-content/uploads/2018/02/
185 KB
186 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519552344-690909347c96096141ef27dbc3d01f36-curly-hair-bangs-curly-girl.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32dd60827f49bffd383454bcb7499bd979e5a74f9557a6722da4919cee7e9137

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
HstCfa4016989=1527101444774; HstCla4016989=1527101444774; HstCmu4016989=1527101444774; HstPn4016989=1; HstPt4016989=1; HstCnv4016989=1; HstCns4016989=1; __cfduid=d30dd47c61021b063b4552e2f78be5d7c1527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:47 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 09:52:24 GMT
Server
cloudflare
ETag
"5a928758-2e5fc"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5ca273e97e6-FRA
Content-Length
189948
Expires
Fri, 22 Jun 2018 18:50:47 GMT
1519552329-tc-short-curled-hair.jpg
sandefur.us/wp-content/uploads/2018/02/
222 KB
222 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519552329-tc-short-curled-hair.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc4df998ab3d7c6c311d0ed2936e45242bf86ce24668d8270c6d3c694672c1c7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
HstCfa4016989=1527101444774; HstCla4016989=1527101444774; HstCmu4016989=1527101444774; HstPn4016989=1; HstPt4016989=1; HstCnv4016989=1; HstCns4016989=1; __cfduid=d30dd47c61021b063b4552e2f78be5d7c1527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:46 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 25 Feb 2018 09:52:10 GMT
Server
cloudflare
ETag
"5a92874a-376d4"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5ca474997e6-FRA
Content-Length
227028
Expires
Fri, 22 Jun 2018 18:50:46 GMT
1519552346-short-curly-bob-1000-images-about-curly-bobs-on-pinterest-curly-bob-hairstyles.jpg
sandefur.us/wp-content/uploads/2018/02/
169 KB
169 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519552346-short-curly-bob-1000-images-about-curly-bobs-on-pinterest-curly-bob-hairstyles.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
503da2508f12960a321d59b4ef474a7419750c4175bc149f2e544d52040aaea7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
HstCfa4016989=1527101444774; HstCla4016989=1527101444774; HstCmu4016989=1527101444774; HstPn4016989=1; HstPt4016989=1; HstCnv4016989=1; HstCns4016989=1; __cfduid=d30dd47c61021b063b4552e2f78be5d7c1527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:47 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 09:52:28 GMT
Server
cloudflare
ETag
"5a92875c-2a325"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5ca977597e6-FRA
Content-Length
172837
Expires
Fri, 22 Jun 2018 18:50:47 GMT
1519555827-cute-haircuts-for-long-hair-with-side-bangs-and-layers-cute-layered-haircut-for-medium-length-hair-latest-medium.jpg
sandefur.us/wp-content/uploads/2018/02/
223 KB
224 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519555827-cute-haircuts-for-long-hair-with-side-bangs-and-layers-cute-layered-haircut-for-medium-length-hair-latest-medium.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb0c41adcf2f8edb16d0bb5fb7602d5646be318c6ccc041b432fe40a7f2b8751

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
HstCfa4016989=1527101444774; HstCla4016989=1527101444774; HstCmu4016989=1527101444774; HstPn4016989=1; HstPt4016989=1; HstCnv4016989=1; HstCns4016989=1; __cfduid=d30dd47c61021b063b4552e2f78be5d7c1527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:46 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 10:50:28 GMT
Server
cloudflare
ETag
"5a9294f4-37d2a"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5cb500d26ea-FRA
Content-Length
228650
Expires
Fri, 22 Jun 2018 18:50:46 GMT
1519555773-233403074305bc26c62a63e079440ddb.jpg
sandefur.us/wp-content/uploads/2018/02/
348 KB
348 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519555773-233403074305bc26c62a63e079440ddb.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6a814cfd28de5543630dc3da4423218285fd2d7692a50b228e21461b47b459

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
HstCfa4016989=1527101444774; HstCla4016989=1527101444774; HstCmu4016989=1527101444774; HstPn4016989=1; HstPt4016989=1; HstCnv4016989=1; HstCns4016989=1; __cfduid=d30dd47c61021b063b4552e2f78be5d7c1527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:47 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 25 Feb 2018 10:49:33 GMT
Server
cloudflare
ETag
"5a9294bd-56f44"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5cbf03a26ea-FRA
Content-Length
356164
Expires
Fri, 22 Jun 2018 18:50:47 GMT
1519555767-helena-christensen-shoulder-length-56a084a25f9b58eba4b13728.jpg
sandefur.us/wp-content/uploads/2018/02/
1 MB
1 MB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519555767-helena-christensen-shoulder-length-56a084a25f9b58eba4b13728.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e603eeec9854a345011c25b2b02b4c1c4a2f2896c9de98bfaee5d08dd6b11988

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
HstCfa4016989=1527101444774; HstCla4016989=1527101444774; HstCmu4016989=1527101444774; HstPn4016989=1; HstPt4016989=1; HstCnv4016989=1; HstCns4016989=1; __cfduid=d30dd47c61021b063b4552e2f78be5d7c1527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:47 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 10:49:28 GMT
Server
cloudflare
ETag
"5a9294b8-12f0a0"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5cc104126ea-FRA
Content-Length
1241248
Expires
Fri, 22 Jun 2018 18:50:47 GMT
1519555730-2037497.jpg
sandefur.us/wp-content/uploads/2018/02/
112 KB
112 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519555730-2037497.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4250a0879071ca733c048d4c5dcd9829a7a45cd950dc61ef40877101ac46ec31

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
HstCfa4016989=1527101444774; HstCla4016989=1527101444774; HstCmu4016989=1527101444774; HstPn4016989=1; HstPt4016989=1; HstCnv4016989=1; HstCns4016989=1; __cfduid=d30dd47c61021b063b4552e2f78be5d7c1527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:47 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 10:48:52 GMT
Server
cloudflare
ETag
"5a929494-1bf88"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5cd912e97e6-FRA
Content-Length
114568
Expires
Fri, 22 Jun 2018 18:50:47 GMT
Cookie set 1519555727-16193c0ce8a7b356f1a26faec149acf8.jpg
sandefur.us/wp-content/uploads/2018/02/
173 KB
174 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519555727-16193c0ce8a7b356f1a26faec149acf8.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a6bf7a09c7b6eb357e04e5582a1f44e5df53e33626ea3457c253f6bc310118e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:47 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 25 Feb 2018 10:48:48 GMT
Server
cloudflare
ETag
"5a929490-2b48b"
Vary
Accept-Encoding
Content-Type
image/jpeg
Set-Cookie
__cfduid=de1d65b4b7037e540bffe5f0c1bd5190a1527101447; expires=Thu, 23-May-19 18:50:47 GMT; path=/; domain=.sandefur.us; HttpOnly
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5ce81b797e6-FRA
Content-Length
177291
Expires
Fri, 22 Jun 2018 18:50:47 GMT
Cookie set 1519545698-Karl-Urban-brushed-up-textured-spiky-square-by-Tinseltown.jpg
sandefur.us/wp-content/uploads/2018/02/
564 B
564 B
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519545698-Karl-Urban-brushed-up-textured-spiky-square-by-Tinseltown.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:47 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Set-Cookie
__cfduid=d69a634815988d9cf9784675e6fdd9e111527101447; expires=Thu, 23-May-19 18:50:47 GMT; path=/; domain=.sandefur.us; HttpOnly
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
41f9b5ce82a99720-FRA
Expires
Wed, 23 May 2018 22:50:47 GMT
Cookie set 1519545681-mens-hairstyle-medium-thick-hair-medium-hairstyles-men-thick-hair-mens-hairstyles-and-haircuts-ideas.jpg
sandefur.us/wp-content/uploads/2018/02/
134 KB
134 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519545681-mens-hairstyle-medium-thick-hair-medium-hairstyles-men-thick-hair-mens-hairstyles-and-haircuts-ideas.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
24ddfeb38efb50aa4c95eb7e71aec80777d7efdc3367b5ff7eeb62f8a570b78f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:47 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 25 Feb 2018 08:01:25 GMT
Server
cloudflare
ETag
"5a926d55-2174b"
Vary
Accept-Encoding
Content-Type
image/jpeg
Set-Cookie
__cfduid=d9438289dbb34cac15120eaaf8da3ce341527101447; expires=Thu, 23-May-19 18:50:47 GMT; path=/; domain=.sandefur.us; HttpOnly
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5ceb7f597c8-FRA
Content-Length
137035
Expires
Fri, 22 Jun 2018 18:50:47 GMT
1519545688-hairstyle-men-small-hair-round-face-hairstyles-for-men-with-thick-hair-and-oval-faces-latest-oval.jpg
sandefur.us/wp-content/uploads/2018/02/
173 KB
174 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519545688-hairstyle-men-small-hair-round-face-hairstyles-for-men-with-thick-hair-and-oval-faces-latest-oval.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
557fa0d14f76afb2a3815c4b43aeef0718eff66f08fba5943447ab3cb0586437

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d9438289dbb34cac15120eaaf8da3ce341527101447
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 08:01:30 GMT
Server
cloudflare
ETag
"5a926d5a-2b55e"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5cef01797c8-FRA
Content-Length
177502
Expires
Fri, 22 Jun 2018 18:50:47 GMT
1519545627-5-Short-Haircuts-For-Thick-Hair-And-Round-Faces-Men-5.jpg
sandefur.us/wp-content/uploads/2018/02/
143 KB
144 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519545627-5-Short-Haircuts-For-Thick-Hair-And-Round-Faces-Men-5.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
42ef0c00bb301dc84029585930cdb20116ba420225f4b9f4103cfe541cac4a32

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d9438289dbb34cac15120eaaf8da3ce341527101447
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 08:00:27 GMT
Server
cloudflare
ETag
"5a926d1b-23d32"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5cf021197e6-FRA
Content-Length
146738
Expires
Fri, 22 Jun 2018 18:50:48 GMT
1519545647-men-hairstyles-round-face-thick-hair-favorable.jpg
sandefur.us/wp-content/uploads/2018/02/
105 KB
106 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519545647-men-hairstyles-round-face-thick-hair-favorable.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad4cea80db5288df56586ff39df9aa1a0c49a0f1e7511851c5ac755033385ec

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d69a634815988d9cf9784675e6fdd9e111527101447
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 08:00:47 GMT
Server
cloudflare
ETag
"5a926d2f-1a5f3"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5d143a49720-FRA
Content-Length
108019
Expires
Fri, 22 Jun 2018 18:50:48 GMT
1519545038-4fefb6f3e530695769c9073e957c9604-redken-hair-color-best-hair-colour.jpg
sandefur.us/wp-content/uploads/2018/02/
348 KB
348 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519545038-4fefb6f3e530695769c9073e957c9604-redken-hair-color-best-hair-colour.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
023fdb07104a4b6b421cbe3c10fa36e5c0acdfbe09fc2ac5deb7a6b77f0534f6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d69a634815988d9cf9784675e6fdd9e111527101447
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 07:50:38 GMT
Server
cloudflare
ETag
"5a926ace-56eaa"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5d161ae26ea-FRA
Content-Length
356010
Expires
Fri, 22 Jun 2018 18:50:48 GMT
1519544983-1471889033_burgundy-hair-colors.jpg
sandefur.us/wp-content/uploads/2018/02/
229 KB
229 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519544983-1471889033_burgundy-hair-colors.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5bbde9d7e0183ded3401b92a614f42559d17d7bf399273ad38d0806aebdf14

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d84d12ddca06d6f2a69ee1ee421edc5c41527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 07:49:43 GMT
Server
cloudflare
ETag
"5a926a97-39268"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5d1c6b99792-FRA
Content-Length
234088
Expires
Fri, 22 Jun 2018 18:50:48 GMT
1519544994-18-long-straight-dark-burgundy-hair.jpg
sandefur.us/wp-content/uploads/2018/02/
260 KB
261 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519544994-18-long-straight-dark-burgundy-hair.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed888fb36fd28a0f2d0eb922e957d5c7af268c513916392275abc254924970b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d84d12ddca06d6f2a69ee1ee421edc5c41527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 07:49:54 GMT
Server
cloudflare
ETag
"5a926aa2-410a0"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5d374889720-FRA
Content-Length
266400
Expires
Fri, 22 Jun 2018 18:50:48 GMT
1519544963-ae5a89e4bdb13eef4fcbaed38ff09c8c.jpg
sandefur.us/wp-content/uploads/2018/02/
290 KB
291 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519544963-ae5a89e4bdb13eef4fcbaed38ff09c8c.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef96ddf59f7c81b34af99ba0a3e91abb75015f9885daf85063e5d1e1d714b3b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d84d12ddca06d6f2a69ee1ee421edc5c41527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 07:49:24 GMT
Server
cloudflare
ETag
"5a926a84-48884"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5d384be97e6-FRA
Content-Length
297092
Expires
Fri, 22 Jun 2018 18:50:48 GMT
1519544991-14-very-dark-burgundy-brown-hair.jpg
sandefur.us/wp-content/uploads/2018/02/
277 KB
278 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519544991-14-very-dark-burgundy-brown-hair.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9cac3b0efee89bb883731b92c9e1c33e27927c7f0e8a968b0f0c88cc93cc123

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d84d12ddca06d6f2a69ee1ee421edc5c41527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 25 Feb 2018 07:49:51 GMT
Server
cloudflare
ETag
"5a926a9f-455c7"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5d3825d97c8-FRA
Content-Length
284103
Expires
Fri, 22 Jun 2018 18:50:48 GMT
1519544369-short-curly-hairstyles-stacked-best-25-curly-bob-hairstyles-ideas-on-pinterest-hair-styles.jpg
sandefur.us/wp-content/uploads/2018/02/
204 KB
205 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519544369-short-curly-hairstyles-stacked-best-25-curly-bob-hairstyles-ideas-on-pinterest-hair-styles.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
048cd8fa59de57a1a02402814fdb6dafb51075c6fb1d248a6cd2112a68f59a68

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d84d12ddca06d6f2a69ee1ee421edc5c41527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 07:39:31 GMT
Server
cloudflare
ETag
"5a926833-33094"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5d3a4d097e6-FRA
Content-Length
209044
Expires
Fri, 22 Jun 2018 18:50:48 GMT
1519544340-fresh-short-curly-stacked-bob-hairstyles-idea-under-2018-hairstyles-haircuts-and-hair-colors.jpg
sandefur.us/wp-content/uploads/2018/02/
564 B
564 B
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519544340-fresh-short-curly-stacked-bob-hairstyles-idea-under-2018-hairstyles-haircuts-and-hair-colors.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d84d12ddca06d6f2a69ee1ee421edc5c41527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
41f9b5d3a7c19792-FRA
Expires
Wed, 23 May 2018 22:50:48 GMT
1519544332-long-stacked-bob-1.jpg
sandefur.us/wp-content/uploads/2018/02/
228 KB
228 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519544332-long-stacked-bob-1.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b8cc3d532e13d2ac141c58547dce9669852351a02efc1daa016638535357e92

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d84d12ddca06d6f2a69ee1ee421edc5c41527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 07:38:53 GMT
Server
cloudflare
ETag
"5a92680d-3901a"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5d3b28697c8-FRA
Content-Length
233498
Expires
Fri, 22 Jun 2018 18:50:48 GMT
1519544336-short-curly-stacked-bob-hairstyles-stacked-a-line-bob-haircut-hair-a-line-stacked-bob.jpg
sandefur.us/wp-content/uploads/2018/02/
191 KB
191 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519544336-short-curly-stacked-bob-hairstyles-stacked-a-line-bob-haircut-hair-a-line-stacked-bob.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1e6196e50a2cf403280b573b726f8532d7d4a97a3b0d3b06ba80df4a408dcb0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d84d12ddca06d6f2a69ee1ee421edc5c41527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 25 Feb 2018 07:38:57 GMT
Server
cloudflare
ETag
"5a926811-2fbd3"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5d417e99792-FRA
Content-Length
195539
Expires
Fri, 22 Jun 2018 18:50:48 GMT
1519544322-stacked-curly-bob-haircut-cute-short-haircuts-hairstyles.jpg
sandefur.us/wp-content/uploads/2018/02/
147 KB
147 KB
Image
General
Full URL
http://sandefur.us/wp-content/uploads/2018/02/1519544322-stacked-curly-bob-haircut-cute-short-haircuts-hairstyles.jpg
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.175.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
35003c3c4cd6c1bf83dbd568a44ac386cea80b135d6786840375d88cccd2c8be

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Cookie
__cfduid=d84d12ddca06d6f2a69ee1ee421edc5c41527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 25 Feb 2018 07:38:42 GMT
Server
cloudflare
ETag
"5a926802-24c05"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
41f9b5d4126626ea-FRA
Content-Length
150533
Expires
Fri, 22 Jun 2018 18:50:48 GMT
scripts.js
sandefur.us/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
http://sandefur.us/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.1
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
14b636e164af93d410a674e6479e7fa7f4a55fd7d11b1c608005bff6d413d02c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 08 Mar 2018 02:25:05 GMT
Server
cloudflare
ETag
W/"5aa09f01-38d7"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
41f9b5bbd4719712-FRA
Expires
Fri, 22 Jun 2018 18:50:44 GMT
wp-embed.min.js
sandefur.us/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
http://sandefur.us/wp-includes/js/wp-embed.min.js?ver=4.9.5
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
http://sandefur.us/
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2016 13:38:33 GMT
Server
cloudflare
ETag
W/"58359bd9-576"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
41f9b5bbf4859712-FRA
Expires
Fri, 22 Jun 2018 18:50:44 GMT
wp-emoji-release.min.js
sandefur.us/wp-includes/js/
11 KB
5 KB
Script
General
Full URL
http://sandefur.us/wp-includes/js/wp-emoji-release.min.js?ver=4.9.5
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d8e94fed6cc8ea56ee5ec6174efb68cb7197d2e729149cb43e85505bf175779

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
http://sandefur.us/
Cookie
__cfduid=d84d12ddca06d6f2a69ee1ee421edc5c41527101444
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:48 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jan 2018 11:51:41 GMT
Server
cloudflare
ETag
W/"5a6721cd-2dc9"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
41f9b5d427fd9792-FRA
Expires
Fri, 22 Jun 2018 18:50:48 GMT
Cookie set /
sandefur.us/
3 KB
3 KB
Image
General
Full URL
http://sandefur.us/
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://sandefur.us/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
Link
<http://sandefur.us/wp-json/>; rel="https://api.w.org/"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Set-Cookie
__cfduid=d84d12ddca06d6f2a69ee1ee421edc5c41527101444; expires=Thu, 23-May-19 18:50:44 GMT; path=/; domain=.sandefur.us; HttpOnly
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
41f9b5bd15099712-FRA
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
1Ptug8zYS_SKggPNyCMISg.ttf
fonts.gstatic.com/s/raleway/v12/
96 KB
42 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v12/1Ptug8zYS_SKggPNyCMISg.ttf
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
SPDY
Server
172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f99.1e100.net
Software
sffe /
Resource Hash
8b2417f1185473a1b8744f66862b8174360b3ac8c329d674eaa60b8cc5b14185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext
Origin
http://sandefur.us

Response headers

date
Mon, 12 Feb 2018 14:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8656238
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
43127
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:23:21 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Feb 2019 14:20:06 GMT
BngMUXZYTXPIvIBgJJSb6ufD5qA.ttf
fonts.gstatic.com/s/robotoslab/v7/
59 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v7/BngMUXZYTXPIvIBgJJSb6ufD5qA.ttf
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
SPDY
Server
172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f99.1e100.net
Software
sffe /
Resource Hash
01d82e8f166d6b031cf9665c27ef1b86b8501abc78b45070cc582dc58a2be5cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext
Origin
http://sandefur.us

Response headers

date
Wed, 09 May 2018 07:27:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1250594
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
32889
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:28:31 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 May 2019 07:27:30 GMT
1Ptrg8zYS_SKggPNwJYtWqhPBQ.ttf
fonts.gstatic.com/s/raleway/v12/
97 KB
43 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v12/1Ptrg8zYS_SKggPNwJYtWqhPBQ.ttf
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
SPDY
Server
172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f99.1e100.net
Software
sffe /
Resource Hash
3fc2e37408924d584494f6bc93da84e076d9e095ae3760d486f4f43653b30f1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext
Origin
http://sandefur.us

Response headers

date
Thu, 08 Feb 2018 17:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8988798
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
43689
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:23:57 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Feb 2019 17:57:26 GMT
BngRUXZYTXPIvIBgJJSb6u9mxLCIwRg.ttf
fonts.gstatic.com/s/robotoslab/v7/
63 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v7/BngRUXZYTXPIvIBgJJSb6u9mxLCIwRg.ttf
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
SPDY
Server
172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f99.1e100.net
Software
sffe /
Resource Hash
4e1acae0c6a9280cbf2fd0d01a7365cd3f02d30bcafd73c04ab5d4ef1707cf49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext
Origin
http://sandefur.us

Response headers

date
Thu, 08 Feb 2018 22:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8970764
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
34036
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:27:05 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Feb 2019 22:58:00 GMT
schema-lite.woff2
sandefur.us/wp-content/themes/schema-lite/fonts/
9 KB
9 KB
Font
General
Full URL
http://sandefur.us/wp-content/themes/schema-lite/fonts/schema-lite.woff2
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
104.27.174.219 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f717f080977be01e40587283625fb40486a915ff0c21678b7619cbd81e07a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://sandefur.us
Accept-Encoding
gzip, deflate
Host
sandefur.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
http://sandefur.us/wp-content/themes/schema-lite/style.css?ver=4.9.5
Cookie
__cfduid=d4a11d0db816e62f54f1b1e5f4ab6d8dd1527101443
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
http://sandefur.us/wp-content/themes/schema-lite/style.css?ver=4.9.5
Origin
http://sandefur.us

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Connection
keep-alive
Content-Length
8892
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 21 Feb 2018 10:41:42 GMT
Server
cloudflare
X-Frame-Options
SAMEORIGIN
ETag
"5a8d4ce6-22bc"
Vary
Accept-Encoding
Content-Type
application/octet-stream
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
41f9b5bc94ca9712-FRA
Expires
Wed, 23 May 2018 22:50:44 GMT
js15_as.js
s10.histats.com/
10 KB
4 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: sandefur.us
URL: http://sandefur.us/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cba2dd9d00ef6c95d4cb86a6c42e8f86d0935e0276348138f47e8f787107d560

Request headers

Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:45:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2017 15:26:33 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"1262556565"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4746
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4243
integrator.js
adservice.google.de/adsid/
111 B
172 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sandefur.us
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e8a14f313c1ae3d9c0369c13cb9c46c29f2e00e0508eddf13727c3d7e6655351
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 May 2018 18:50:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
105
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
111 B
172 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sandefur.us
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e8a14f313c1ae3d9c0369c13cb9c46c29f2e00e0508eddf13727c3d7e6655351
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 May 2018 18:50:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
105
x-xss-protection
1; mode=block
ca-pub-5831208074616821.js
pagead2.googlesyndication.com/pub-config/r20160913/
133 B
235 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-5831208074616821.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 23 May 2018 16:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 May 2018 21:40:03 GMT
server
sffe
age
8474
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
125
x-xss-protection
1; mode=block
expires
Thu, 24 May 2018 04:29:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180521/r20180518/ Frame 4479
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180521/r20180518/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180521/r20180518/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://sandefur.us/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
0D59B3A7C60C26F7734E2C18813F83C4
Referer
http://sandefur.us/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 21 May 2018 20:54:44 GMT
expires
Mon, 04 Jun 2018 20:54:44 GMT
content-type
text/html; charset=UTF-8
etag
8341461738443483577
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6979
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
165360
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/ Frame E7FA
180 KB
67 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
94911a4e825a1b0e4134eef5a10a84091db1a17575ed076786fe997bf6107476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 23 May 2018 18:50:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
15473606980269892164
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
68421
X-XSS-Protection
1; mode=block
Expires
Wed, 23 May 2018 18:50:44 GMT
4016989.php
s4.histats.com/stats/
379 B
651 B
Script
General
Full URL
http://s4.histats.com/stats/4016989.php?4016989&@f16&@g1&@h1&@i1&@j1527101444774&@k0&@l1&@mSandefur%20-%20The%20Haircuts%20You%27ll%20See%20Everywhere%20in%202018&@n0&@o1000&@q0&@r0&@s26&@ten-US&@u1600&@vhttp%3A%2F%2Fsandefur.us%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Server
208.43.241.178 Chantilly, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b2.f1.2bd0.ip4.static.sl-reverse.com
Software
/
Resource Hash
960067581107e70e6de1aec1620de75d663060fac6fde3630ff13a2d6516120b

Request headers

Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
Connection
close
Content-Length
379
Content-Type
text/html;charset=UTF-8
ads
googleads.g.doubleclick.net/pagead/ Frame ED0C
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5831208074616821&output=html&adk=1812271804&adf=3025194257&lmt=1527101444&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2&format=0x0&url=http%3A%2F%2Fsandefur.us%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1527101444684&bpp=10&bdt=269&fdt=13&idt=128&shv=r20180521&cbv=r20180518&saldr=aa&abxe=1&correlator=408063396858&frm=20&ga_vid=516979726.1527101445&ga_sid=1527101445&ga_hid=1994444707&ga_fc=0&pv=2&iag=0&icsg=201296572&dssz=20&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122&oid=3&rx=0&eae=2&fc=784&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cnr%7C&abl=CS&ppjl=u&fu=16&bc=7&ifi=0&dtd=145
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5831208074616821&output=html&adk=1812271804&adf=3025194257&lmt=1527101444&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2&format=0x0&url=http%3A%2F%2Fsandefur.us%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1527101444684&bpp=10&bdt=269&fdt=13&idt=128&shv=r20180521&cbv=r20180518&saldr=aa&abxe=1&correlator=408063396858&frm=20&ga_vid=516979726.1527101445&ga_sid=1527101445&ga_hid=1994444707&ga_fc=0&pv=2&iag=0&icsg=201296572&dssz=20&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122&oid=3&rx=0&eae=2&fc=784&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cnr%7C&abl=CS&ppjl=u&fu=16&bc=7&ifi=0&dtd=145
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://sandefur.us/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
0D59B3A7C60C26F7734E2C18813F83C4
Referer
http://sandefur.us/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 23 May 2018 18:50:44 GMT
server
cafe
cache-control
private
content-length
645
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Wed, 23-May-2018 19:05:44 GMT; path=/; domain=.doubleclick.net
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
expires
Wed, 23 May 2018 18:50:44 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/
71 KB
26 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/show_ads_impl.js
Protocol
SPDY
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
106357d58e48c91d5b74238b6f266e0c9cc50d82af77237ff7c3dd10b06e70ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 21 May 2018 16:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181988
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
26522
x-xss-protection
1; mode=block
server
cafe
etag
4371217384211563518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Jun 2018 16:17:36 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/ Frame 1D17
180 KB
0
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
94911a4e825a1b0e4134eef5a10a84091db1a17575ed076786fe997bf6107476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
15473606980269892164
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
68421
X-XSS-Protection
1; mode=block
Expires
Wed, 23 May 2018 18:50:44 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6DC4
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5831208074616821&output=html&h=600&slotname=1965826557&adk=4190206193&adf=3839979314&w=300&fwrn=4&fwrnh=100&lmt=1527101444&rafmt=1&guci=1.2.0.0.2.2&format=300x600&url=http%3A%2F%2Fsandefur.us%2F&flash=0&fwr=0&rh=0&rw=299.828&resp_fmts=4&wgl=1&adsid=NT&dt=1527101444697&bpp=22&bdt=283&fdt=142&idt=144&shv=r20180521&cbv=r20180518&saldr=aa&abxe=1&prev_fmts=0x0&correlator=408063396858&frm=20&ga_vid=516979726.1527101445&ga_sid=1527101445&ga_hid=1994444707&ga_fc=0&pv=1&iag=0&icsg=738167484&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=334&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122&oid=3&rx=0&eae=0&fc=784&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&xpc=Ra6bHmF0Sp&p=http%3A//sandefur.us&dtd=151
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5831208074616821&output=html&h=600&slotname=1965826557&adk=4190206193&adf=3839979314&w=300&fwrn=4&fwrnh=100&lmt=1527101444&rafmt=1&guci=1.2.0.0.2.2&format=300x600&url=http%3A%2F%2Fsandefur.us%2F&flash=0&fwr=0&rh=0&rw=299.828&resp_fmts=4&wgl=1&adsid=NT&dt=1527101444697&bpp=22&bdt=283&fdt=142&idt=144&shv=r20180521&cbv=r20180518&saldr=aa&abxe=1&prev_fmts=0x0&correlator=408063396858&frm=20&ga_vid=516979726.1527101445&ga_sid=1527101445&ga_hid=1994444707&ga_fc=0&pv=1&iag=0&icsg=738167484&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=334&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122&oid=3&rx=0&eae=0&fc=784&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&xpc=Ra6bHmF0Sp&p=http%3A//sandefur.us&dtd=151
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://sandefur.us/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
0D59B3A7C60C26F7734E2C18813F83C4
Referer
http://sandefur.us/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 23 May 2018 18:50:45 GMT
server
cafe
cache-control
private
content-length
14965
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Wed, 23-May-2018 19:05:44 GMT; path=/; domain=.doubleclick.net
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
expires
Wed, 23 May 2018 18:50:45 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/ Frame 7EC5
180 KB
0
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
94911a4e825a1b0e4134eef5a10a84091db1a17575ed076786fe997bf6107476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Date
Wed, 23 May 2018 18:50:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
15473606980269892164
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
68421
X-XSS-Protection
1; mode=block
Expires
Wed, 23 May 2018 18:50:44 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 15E4
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5831208074616821&output=html&h=600&adk=993631037&adf=4039692676&w=300&fwrn=4&fwrnh=100&lmt=1527101444&rafmt=1&to=qs&pwprc=2038695137&guci=1.2.0.0.2.2&format=300x600&url=http%3A%2F%2Fsandefur.us%2F&flash=0&fwr=0&rh=0&rw=299.828&resp_fmts=4&wgl=1&adsid=NT&dt=1527101444935&bpp=3&bdt=520&fdt=4&idt=5&shv=r20180521&cbv=r20180518&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&correlator=408063396858&frm=20&ga_vid=516979726.1527101445&ga_sid=1527101445&ga_hid=1994444707&ga_fc=0&pv=1&iag=0&icsg=738167484&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=1379&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122&oid=3&rx=0&eae=0&fc=784&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&xpc=gIXwTZdfTl&p=http%3A//sandefur.us&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180521/r20180518/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5831208074616821&output=html&h=600&adk=993631037&adf=4039692676&w=300&fwrn=4&fwrnh=100&lmt=1527101444&rafmt=1&to=qs&pwprc=2038695137&guci=1.2.0.0.2.2&format=300x600&url=http%3A%2F%2Fsandefur.us%2F&flash=0&fwr=0&rh=0&rw=299.828&resp_fmts=4&wgl=1&adsid=NT&dt=1527101444935&bpp=3&bdt=520&fdt=4&idt=5&shv=r20180521&cbv=r20180518&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&correlator=408063396858&frm=20&ga_vid=516979726.1527101445&ga_sid=1527101445&ga_hid=1994444707&ga_fc=0&pv=1&iag=0&icsg=738167484&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=1379&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122&oid=3&rx=0&eae=0&fc=784&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&xpc=gIXwTZdfTl&p=http%3A//sandefur.us&dtd=10
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://sandefur.us/
accept-encoding
gzip, deflate
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
0D59B3A7C60C26F7734E2C18813F83C4
Referer
http://sandefur.us/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 23 May 2018 18:50:45 GMT
server
cafe
cache-control
private
content-length
387
x-xss-protection
1; mode=block
set-cookie
IDE=AHWqTUkMPE3TSII86x9OHBB54PM3FDMVdQzQ6txQOhAmtjP4OlVawg4xHZYoy9Ph; expires=Mon, 17-Jun-2019 18:50:44 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
expires
Wed, 23 May 2018 18:50:45 GMT
cc_26.js
s10.histats.com/counters/
22 KB
12 KB
Script
General
Full URL
http://s10.histats.com/counters/cc_26.js
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4dd2612d460b0e5d58b0df5556ece416b10c5962270e95770a25ba823759e52c

Request headers

Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:43:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2017 15:28:07 GMT
X-CDN-Pop-IP
137.74.120.0/27
ETag
"-81326701"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4746
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
11697
/
e.dtscout.com/e/
4 KB
5 KB
Script
General
Full URL
http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fsandefur.us%2F&j=
Requested by
Host: s4.histats.com
URL: http://s4.histats.com/stats/4016989.php?4016989&@f16&@g1&@h1&@i1&@j1527101444774&@k0&@l1&@mSandefur%20-%20The%20Haircuts%20You%27ll%20See%20Everywhere%20in%202018&@n0&@o1000&@q0&@r0&@s26&@ten-US&@u1600&@vhttp%3A%2F%2Fsandefur.us%2F&@w
Protocol
HTTP/1.1
Server
69.4.231.31 Providence, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
no-rdns.ord02.hostingservicesinc.net
Software
/
Resource Hash
b9469c50f1a92c4687f3d2c11d43d2f169e2276441f9cb73d3564d266fb9bf74

Request headers

Referer
http://sandefur.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 23 May 2018 18:50:45 GMT
X-Z
E
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
X-ip
148.251.45.254
Connection
close
Expires
Wed, 23 May 2018 18:50:44 GMT
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77605bf5837cbeb23efe8bae982003b185aab43275363502b38554ebcb3e3c51

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
/
t.dtscout.com/idg/ Frame 0D23
0
0
Document
General
Full URL
http://t.dtscout.com/idg/
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fsandefur.us%2F&j=
Protocol
HTTP/1.1
Server
107.182.233.217 Providence, United States, ASN29854 (WESTHOST - WestHost, Inc., US),
Reverse DNS
6bb6e9d9.setaptr.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Host
t.dtscout.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://sandefur.us/
Accept-Encoding
gzip, deflate
Cookie
m=1; b=1; ey=1; ah=1; st=1; df=1527101445; l=RQTnH1sFuAVVuTsDU+ouAg==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
0D59B3A7C60C26F7734E2C18813F83C4
Referer
http://sandefur.us/

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Wed, 23 May 2018 18:50:45 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Wed, 23 May 2018 18:50:44 GMT
Cache-Control
no-cache
Content-Encoding
gzip

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings undefined| $ function| jQuery function| List object| adsbygoogle object| _Hasync object| wpcf7 object| wp object| jQuery112406167036016508247 object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state function| google_spfd object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_iframe_oncopy number| google_unique_id function| chfh function| chfh2 string| _HST_cntval object| Histats object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| gaGlobal object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure object| _HistatsCounterGraphics_26_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_26 function| histats_canvascounters_base.js object| a object| cv object| twemoji function| google_osd_amcb

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: http://sandefur.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s10.histats.com
s4.histats.com
sandefur.us
t.dtscout.com
104.27.174.219
104.27.175.219
107.182.233.217
172.217.22.106
172.217.22.99
208.43.241.178
216.58.206.2
216.58.208.34
46.105.201.240
69.4.231.31
01d82e8f166d6b031cf9665c27ef1b86b8501abc78b45070cc582dc58a2be5cd
023fdb07104a4b6b421cbe3c10fa36e5c0acdfbe09fc2ac5deb7a6b77f0534f6
048cd8fa59de57a1a02402814fdb6dafb51075c6fb1d248a6cd2112a68f59a68
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
0b8cc3d532e13d2ac141c58547dce9669852351a02efc1daa016638535357e92
0c1aa93b1bc8d604237713ea9c65e6de352ba01b4d053fea706eab07113a2aba
106357d58e48c91d5b74238b6f266e0c9cc50d82af77237ff7c3dd10b06e70ef
14b636e164af93d410a674e6479e7fa7f4a55fd7d11b1c608005bff6d413d02c
1cc6d007075e70fa0e0a8944a0c195985fc7d0a35554ae3b23fc5dd1f84f75ff
1e36067ffbde51faec89f96ebe1fd08513be4a97d109cc8130dcdc9cf3f4590d
222412977d7bc9120b1e08965ba9c3185bc7521521025cee69d240320262785e
24ddfeb38efb50aa4c95eb7e71aec80777d7efdc3367b5ff7eeb62f8a570b78f
32dd60827f49bffd383454bcb7499bd979e5a74f9557a6722da4919cee7e9137
35003c3c4cd6c1bf83dbd568a44ac386cea80b135d6786840375d88cccd2c8be
3d8e94fed6cc8ea56ee5ec6174efb68cb7197d2e729149cb43e85505bf175779
3fc2e37408924d584494f6bc93da84e076d9e095ae3760d486f4f43653b30f1a
4250a0879071ca733c048d4c5dcd9829a7a45cd950dc61ef40877101ac46ec31
42ef0c00bb301dc84029585930cdb20116ba420225f4b9f4103cfe541cac4a32
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4dd2612d460b0e5d58b0df5556ece416b10c5962270e95770a25ba823759e52c
4e1acae0c6a9280cbf2fd0d01a7365cd3f02d30bcafd73c04ab5d4ef1707cf49
503da2508f12960a321d59b4ef474a7419750c4175bc149f2e544d52040aaea7
5067363d2f239dad07de1275b5636c0b33b595f586284fd55cd9b976be9cf4db
51a7ea31dd4530bbf4d4e4317b0b61ce85603ab4255644ab69b1a021a99854d4
557fa0d14f76afb2a3815c4b43aeef0718eff66f08fba5943447ab3cb0586437
58ba26992db7168e4bb2e589b1eace645e912b712d7fdc9037349ce91b234dae
5ca40cf3c3781547120d4a0e2da04ef4b227877ab3322eed8dc64aa47c55e8ed
62a388a7833280dc7dfe5716af9969711f3c2a2fcc34c5af249907d1e2be7c73
6856379ccc3fe72eac3b66760cad72f22a62b1ae190f6347303b088572fd6b51
6a15f7b1376076cb187acc74038ed90276d29c47908059471b225bf9175d6ff3
6a6bf7a09c7b6eb357e04e5582a1f44e5df53e33626ea3457c253f6bc310118e
6e1d679ce92eb61b08a32b42113b6edd56e67600237be25fa49b667cb67bce2e
77605bf5837cbeb23efe8bae982003b185aab43275363502b38554ebcb3e3c51
7e5bbde9d7e0183ded3401b92a614f42559d17d7bf399273ad38d0806aebdf14
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8879a36c269ad5a0b58f817ee19bce0175fcd4e8b17b105e1d1ce5cab4862c5b
88dddd50fe157cc0832d8d0a36b52d1ea07fd02b2b72371a6eba83574584b023
8b2417f1185473a1b8744f66862b8174360b3ac8c329d674eaa60b8cc5b14185
94911a4e825a1b0e4134eef5a10a84091db1a17575ed076786fe997bf6107476
960067581107e70e6de1aec1620de75d663060fac6fde3630ff13a2d6516120b
b1e6196e50a2cf403280b573b726f8532d7d4a97a3b0d3b06ba80df4a408dcb0
b9469c50f1a92c4687f3d2c11d43d2f169e2276441f9cb73d3564d266fb9bf74
bad4cea80db5288df56586ff39df9aa1a0c49a0f1e7511851c5ac755033385ec
c26149cdd52705382cd15273feb70f7a33e7919010273e129bdee3301b742222
cba2dd9d00ef6c95d4cb86a6c42e8f86d0935e0276348138f47e8f787107d560
cef96ddf59f7c81b34af99ba0a3e91abb75015f9885daf85063e5d1e1d714b3b
d8f717f080977be01e40587283625fb40486a915ff0c21678b7619cbd81e07a2
d9cd9bd5161687518818a383f1269d7a3214a28b91c1baf0eebafeee7c04f3a6
dc4df998ab3d7c6c311d0ed2936e45242bf86ce24668d8270c6d3c694672c1c7
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
dd6a814cfd28de5543630dc3da4423218285fd2d7692a50b228e21461b47b459
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44f67b180472b497c8de7d22638ee88cf3af042e33c1add1589104a6f5a4a96
e603eeec9854a345011c25b2b02b4c1c4a2f2896c9de98bfaee5d08dd6b11988
e8a14f313c1ae3d9c0369c13cb9c46c29f2e00e0508eddf13727c3d7e6655351
e9cac3b0efee89bb883731b92c9e1c33e27927c7f0e8a968b0f0c88cc93cc123
eb0c41adcf2f8edb16d0bb5fb7602d5646be318c6ccc041b432fe40a7f2b8751
eff2b4e9a1ce0665660281b8705e2ba1eb0516f8a0567b2e2902305ae2a90c0c
f20d4a0e7f581fd0d5fec3ae7bb0d43d900f6761de2a6afb840aac24b74f1295
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fed888fb36fd28a0f2d0eb922e957d5c7af268c513916392275abc254924970b