urlscan.io logo urlscan.io
SecurityTrails logo

earthley.com Open in urlscan Pro
2606:4700:3108::ac42:2b49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.earthley.com/ref/TheAvonMan/
Effective URL: https://earthley.com/ref/TheAvonMan/
Submission: On December 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 18 domains to perform 103 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b49, located in United States and belongs to CLOUDFLARENET, US. The main domain is earthley.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 5th 2022. Valid for: a year.
This is the only time earthley.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 51 2606:4700:310... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.122.73 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:21f... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 23.36.163.153 20940 (AKAMAI-ASN1)
2 3 104.16.105.139 13335 (CLOUDFLAR...)
1 104.18.72.113 13335 (CLOUDFLAR...)
1 52.222.214.11 16509 (AMAZON-02)
5 13.224.189.41 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2606:50c0:800... 54113 (FASTLY)
2 172.64.144.208 13335 (CLOUDFLAR...)
2 104.18.37.231 13335 (CLOUDFLAR...)
1 104.18.70.113 13335 (CLOUDFLAR...)
2 2a03:2880:f11... 32934 (FACEBOOK)
103 25
51    2606:4700:3108::ac42:2b49 (United States)

ASN13335 (CLOUDFLARENET, US)
www.earthley.com
earthley.com
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.66.122.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-73.fra60.r.cloudfront.net
sf.bayengage.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2600:9000:21f3:7a00:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.attn.tv
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    23.36.163.153 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-153.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    104.16.105.139 (None, )

ASN13335 (CLOUDFLARENET, US)
v2.zopim.com
1    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
1    52.222.214.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-11.fra56.r.cloudfront.net
sfc-api.bayengage.com
5    13.224.189.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-41.fra2.r.cloudfront.net
img.bayengage.com
2    2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)
mreq.github.io
2    172.64.144.208 (United States)

ASN13335 (CLOUDFLARENET, US)
events.attentivemobile.com
2    104.18.37.231 (None, )

ASN13335 (CLOUDFLARENET, US)
earthley.attn.tv
1    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
51 earthley.com
www.earthley.com
earthley.com
353 KB
7 bayengage.com
sf.bayengage.com — Cisco Umbrella Rank: 273043
sfc-api.bayengage.com — Cisco Umbrella Rank: 261161
img.bayengage.com — Cisco Umbrella Rank: 316463
2 MB
5 attn.tv
cdn.attn.tv — Cisco Umbrella Rank: 3266
earthley.attn.tv
34 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
325 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 789
99 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 7952
781 B
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 6986
www.google.com — Cisco Umbrella Rank: 2
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
40 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
2 KB
3 zopim.com
v2.zopim.com — Cisco Umbrella Rank: 9937
244 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 373
12 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
203 B
2 attentivemobile.com
events.attentivemobile.com — Cisco Umbrella Rank: 2989
807 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
112 KB
2 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 1953
ekr.zdassets.com — Cisco Umbrella Rank: 2224
8 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
1 github.io
mreq.github.io — Cisco Umbrella Rank: 230866
4 KB
1 gstatic.com
fonts.gstatic.com
31 KB
103 18
Domain Requested by
50 earthley.com earthley.com
5 img.bayengage.com earthley.com
5 www.googletagmanager.com earthley.com
www.googletagmanager.com
4 analytics.tiktok.com earthley.com
analytics.tiktok.com
4 www.google.de earthley.com
4 www.google-analytics.com www.googletagmanager.com
earthley.com
www.google-analytics.com
3 v2.zopim.com 2 redirects
3 www.google.com earthley.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 cdn.attn.tv www.googletagmanager.com
cdn.attn.tv
3 bat.bing.com www.googletagmanager.com
bat.bing.com
2 www.facebook.com
2 earthley.attn.tv cdn.attn.tv
2 events.attentivemobile.com cdn.attn.tv
2 connect.facebook.net earthley.com
connect.facebook.net
2 fonts.googleapis.com earthley.com
sf.bayengage.com
1 ekr.zdassets.com v2.zopim.com
1 mreq.github.io earthley.com
1 sfc-api.bayengage.com sf.bayengage.com
1 static.zdassets.com
1 region1.analytics.google.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 sf.bayengage.com earthley.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.earthley.com 1 redirects
103 25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.tiktok.com
www.youtube.com
www.instagram.com
www.pinterest.com
vesst.io
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-05 -
2023-06-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.bayengage.com
Amazon		 2022-08-17 -
2023-09-14		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.attn.tv
Amazon		 2022-04-04 -
2023-05-02		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
img.bayengage.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-21 -
2022-12-20		 3 months crt.sh
*.github.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-04-07		 a year crt.sh
attentivemobile.com
Cloudflare Inc ECC CA-3		 2022-12-03 -
2023-12-03		 a year crt.sh
attn.tv
Cloudflare Inc ECC CA-3		 2022-12-03 -
2023-12-03		 a year crt.sh
zdassets.com
Cloudflare Inc ECC CA-3		 2022-11-10 -
2023-11-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://earthley.com/ref/TheAvonMan/
Frame ID: 69F0EA3DEEB8102264FF1B01AA19C492
Requests: 98 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:400,700
Frame ID: 95C535F241D65B6F7223DA0C2CF7EA76
Requests: 2 HTTP requests in this frame

Frame: https://img.bayengage.com/7edf29a676de/studio/34102/AdobeStock_213647358.jpg
Frame ID: D6E268FC0DEAE64A6D7DD61FD35CDDFF
Requests: 1 HTTP requests in this frame

Frame: https://img.bayengage.com/7edf29a676de/studio/36756/chicken-mushroom-ravioli.jpg
Frame ID: D0426D0F65ED1EE2B56F8C216AF7B3B0
Requests: 1 HTTP requests in this frame

Frame: https://img.bayengage.com/assets/1668625883375-92725.jpg
Frame ID: AAF7E68231D035B67165F8068D7E4A6D
Requests: 1 HTTP requests in this frame

Frame: https://img.bayengage.com/7edf29a676de/studio/41794/Fearless-Healthy-Living-copy-8.png
Frame ID: C688FA677B4C8CAEFC6FA0D01BBB3A37
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: CA4BD145BB0513772FA43681F85698A0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.earthley.com/ref/TheAvonMan/ HTTP 301
    https://earthley.com/ref/TheAvonMan/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • v2\.zopim\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

98 %
HTTPS

63 %
IPv6

18
Domains

25
Subdomains

25
IPs

5
Countries

2955 kB
Transfer

7291 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.earthley.com/ref/TheAvonMan/ HTTP 301
    https://earthley.com/ref/TheAvonMan/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://v2.zopim.com/?3gjxF0HKFjqXRFX6Wje13hS03wOl0YQA HTTP 302
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 98
  • https://v2.zopim.com/w?3gjxF0HKFjqXRFX6Wje13hS03wOl0YQA HTTP 302
  • https://v2.zopim.com/bin/v/widget_v2.334.js

103 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
earthley.com/ref/TheAvonMan/
Redirect Chain
  • https://www.earthley.com/ref/TheAvonMan/
  • https://earthley.com/ref/TheAvonMan/
94 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d72a94b3e8520e530b8fa1c982fa23610dc03f0f299e81c451ae7df1455a1c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
779020ec2dbd9c00-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:38:10 GMT
last-modified
Tue, 13 Dec 2022 15:03:54 GMT
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
779020eaeaff9c00-FRA
content-type
text/html
date
Tue, 13 Dec 2022 16:38:10 GMT
location
https://earthley.com/ref/TheAvonMan/
server
cloudflare
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat%3Awght%40200%3B400%3B500&ver=6.0.2&display=swap
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc4f688fd161944b5ca268a9072272d4e6369366456b9e4bcce2b770bfd668ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 16:38:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Dec 2022 16:38:10 GMT
rocket-loader.min.js
earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Dec 2022 18:45:45 GMT
server
cloudflare
etag
W/"6390df59-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
779020ed78569c00-FRA
expires
Thu, 15 Dec 2022 16:38:10 GMT
wc-square-cart-checkout-blocks.min.css
earthley.com/wp-content/plugins/woocommerce-square/assets/css/frontend/ 		4 KB
958 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/plugins/woocommerce-square/assets/css/frontend/wc-square-cart-checkout-blocks.min.css?ver=3.2.0
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86297992b82912cf31488ed9f439a19d53a1603cc8fbb43a14ff98bc1bcce262
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:00 GMT
server
cloudflare
etag
W/"63774b70-1061"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
cf-ray
779020ed78539c00-FRA
style.min.css
earthley.com/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:02 GMT
server
cloudflare
etag
W/"63774b72-15b64"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
cf-ray
779020ed78599c00-FRA
wc-blocks-vendors-style.css
earthley.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a25eb6972f4a513da7ead5d8c0f74832ed42b1ae5e1f13ed3ea36f0865a59c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-28c3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
cf-ray
779020ed785d9c00-FRA
wc-blocks-style.css
earthley.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 		225 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7567fb19c9c43375d3fd64e1dd0f7089ed3e4b1c48af419c4f601066b7a9235c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-385fe"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
cf-ray
779020ed78609c00-FRA
forms.min.css
earthley.com/wp-content/plugins/affiliate-wp/assets/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/plugins/affiliate-wp/assets/css/forms.min.css?ver=2.9.8
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee564a0080a642f8dbe317a9596032900545837e52d20cb9aee450e6b8122293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:07:59 GMT
server
cloudflare
etag
W/"63774b6f-1167"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
cf-ray
779020ed78639c00-FRA
earthley.css
earthley.com/wp-content/cache/min/1/wp-content/themes/earthley/includes/css/ 		86 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/wp-content/themes/earthley/includes/css/earthley.css?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115eeb43eda96c8d2c74658ef63f1eeac14aad98135c986f0787cbca971ec230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-15712"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
cf-ray
779020ed78649c00-FRA
slick.css
earthley.com/wp-content/cache/min/1/npm/slick-carousel@1.8.1/slick/ 		1 KB
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/npm/slick-carousel@1.8.1/slick/slick.css?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1f806310322c848c4c996ca568a03b3b16cf9487cbccf09aef3cf17e2c643d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-534"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
cf-ray
779020ed78669c00-FRA
slick-lightbox.css
earthley.com/wp-content/cache/min/1/slick-lightbox/dist/ 		2 KB
718 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/slick-lightbox/dist/slick-lightbox.css?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
696d9cb735750f9efb939d0c3cefe31945b7c08fa0e7144c9ba6653c27b1f321
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-781"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
cf-ray
779020ed78679c00-FRA
slick-theme.css
earthley.com/wp-content/cache/min/1/slick-lightbox/gh-pages/bower_components/slick-carousel/slick/ 		3 KB
885 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/slick-lightbox/gh-pages/bower_components/slick-carousel/slick/slick-theme.css?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeb414bb1e8013a6746ef4a704275a3fb8a16fdb3a50695f4703630ff85d85b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-b13"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
cf-ray
779020ed78689c00-FRA
checkout-blocks.css
earthley.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-product-bundles/assets/css/frontend/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-product-bundles/assets/css/frontend/checkout-blocks.css?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a2333f3aaf31cdb57dc5e734d2e05f62e0dbbe1b3ca69709a7e2676b0cba143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-2bb8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
cf-ray
779020edb8e59c00-FRA
select2.css
earthley.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/select2.css?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6610cfb284c5370ed1cd73333301a0fd21d0149efdcd366dd7b8fe35a5949806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-3917"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
cf-ray
779020edb8e89c00-FRA
RegistrationForm.css
earthley.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-wholesale-lead-capture/css/ 		2 KB
737 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-wholesale-lead-capture/css/RegistrationForm.css?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6950a212568305b78d0994dec97c320dbecbed4b8c98ed596048bf9b8d677ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-8ef"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
cf-ray
779020edb8ea9c00-FRA
woocommerce.css
earthley.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-product-bundles/assets/css/frontend/ 		2 KB
752 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-product-bundles/assets/css/frontend/woocommerce.css?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c378fe6273417e8f3051f2f4814e7c6c02abe4cc904e219b7c76fc72110bbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-976"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
cf-ray
779020edb8ec9c00-FRA
email-decode.min.js
earthley.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Dec 2022 18:45:45 GMT
server
cloudflare
etag
W/"6390df59-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
779020edb8ee9c00-FRA
expires
Thu, 15 Dec 2022 16:38:10 GMT
gtm.js
www.googletagmanager.com/ 		233 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TGF6NNB
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e4372d5beb672183c75dade3760e039d8632faadebff5b4910ce46f9e8569a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83903
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Dec 2022 16:38:11 GMT
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
earthley-cart.svg
earthley.com/wp-content/themes/earthley/images/ 		1 KB
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/themes/earthley/images/earthley-cart.svg
Requested by
Host: earthley.com
URL: https://earthley.com/wp-content/cache/min/1/wp-content/themes/earthley/includes/css/earthley.css?ver=1670941416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0bd505e3aaf0a9a70d04a254c5c812a7a3be9302bbb357fb5dcde5c77a5adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/wp-content/cache/min/1/wp-content/themes/earthley/includes/css/earthley.css?ver=1670941416
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:02 GMT
server
cloudflare
etag
W/"63774b72-445"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
779020ef0b549c00-FRA
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat%3Awght%40200%3B400%3B500&ver=6.0.2&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://earthley.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 01:41:22 GMT
x-content-type-options
nosniff
age
399409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 01:41:22 GMT
cart.min.js
earthley.com/wp-content/themes/earthley/includes/js/ 		2 KB
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/themes/earthley/includes/js/cart.min.js
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
257010a756e8ab7c9c65fdfdbbc68a10dde55a422bfc632b50cf09e651d85f69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 05:48:01 GMT
server
cloudflare
etag
W/"637db411-884"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3ba79c00-FRA
lazyload.min.js
earthley.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 03:08:13 GMT
server
cloudflare
etag
W/"637ee01d-2063"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bb79c00-FRA
front.js
earthley.com/wp-content/cache/min/1/wp-content/plugins/woo-product-country-base-restrictions/assets/js/ 		3 KB
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/wp-content/plugins/woo-product-country-base-restrictions/assets/js/front.js?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
800a05d6b7a6414db47887a6e565cb2be922973c4bca753862518f8c73f70879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-b6a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bbb9c00-FRA
frontend-checkout.min.js
earthley.com/wp-content/plugins/woocommerce-table-rate-shipping/assets/js/ 		190 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/plugins/woocommerce-table-rate-shipping/assets/js/frontend-checkout.min.js?ver=3.1.0
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a98cfd53fb371872ceef03beaed46b74a7e02d44caa34bab76913cccf0249bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:00 GMT
server
cloudflare
etag
W/"63774b70-be"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bbc9c00-FRA
gtm4wp-form-move-tracker.js
earthley.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/ 		1 KB
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab839cf513a18a586b9781827f2399ab4dbe1e772ea852966712f1d132d1231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-50a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bbd9c00-FRA
sf.js
sf.bayengage.com/ 		27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf.bayengage.com/sf.js?t=7edf29a676de&ver=6.0.2
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bd52a9dbce7e2a44571aeea3078c1db8a653711a04112e23891e87013899117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 06:29:54 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Fri, 11 Nov 2022 11:40:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
36498
etag
"3109f2dac44527cfe67b52454b31905d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
27655
x-amz-cf-id
mFV-TaI3gLkj0ywhcLzSRPegAiltArPp4VfZ2I46987oMqJwN3r7JQ==
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-71095234-1
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24f1a2053bfad218ff1539a3e4bce38569fddaef48a121cad79c2011b1f8e272
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43590
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Dec 2022 16:38:11 GMT
public.js
earthley.com/wp-content/cache/min/1/wp-content/plugins/pixelyoursite/dist/scripts/ 		46 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe215b4921e3640887b0cfc2c14641fecbd3c0540e44bc3c7cf829ac51bde775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-b637"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bc09c00-FRA
js.cookie.min.js
earthley.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.1
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:01 GMT
server
cloudflare
etag
W/"63774b71-72a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bc29c00-FRA
jquery.bind-first-0.2.3.min.js
earthley.com/wp-content/plugins/pixelyoursite/dist/scripts/ 		1 KB
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.0.2
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:00 GMT
server
cloudflare
etag
W/"63774b70-525"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bc49c00-FRA
earthley-min.js
earthley.com/wp-content/themes/earthley/includes/js/min/ 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/themes/earthley/includes/js/min/earthley-min.js?ver=1668762482
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20f778eacbac13d809e63733eaac3449b02f979e1e01a5e5c8c3b5ae69d42137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:02 GMT
server
cloudflare
etag
W/"63774b72-bd32"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bc89c00-FRA
slick-lightbox.js
earthley.com/wp-content/cache/min/1/slick-lightbox/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/slick-lightbox/dist/slick-lightbox.js?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b68efd39e3a53734f9d77bc9ebc8df5da58feca07965e28d10778210aeab7e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-23d7"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bc99c00-FRA
slick.min.js
earthley.com/wp-content/cache/min/1/npm/slick-carousel@1.8.1/slick/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/npm/slick-carousel@1.8.1/slick/slick.min.js?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d6fcc49f0d1e0b04ac7ac2561cc91ce6ad72f242f81b3b9bd3ae30cf045b935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-a76d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bcd9c00-FRA
gtm4wp-woocommerce-enhanced.js
earthley.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-woocommerce-enhanced.js?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1948d12316da3cc1f372bbce5329bdbf2ca054c32532aa605547e306aa8a382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-72ec"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bce9c00-FRA
tracking.min.js
earthley.com/wp-content/plugins/affiliate-wp/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/plugins/affiliate-wp/assets/js/tracking.min.js?ver=2.9.8
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c7bb881d50daf10495cb74da00bd5530559e1d819b85a29db561f3e93762f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:07:59 GMT
server
cloudflare
etag
W/"63774b6f-1056"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bcf9c00-FRA
jquery.cookie.min.js
earthley.com/wp-content/plugins/woocommerce/assets/js/jquery-cookie/ 		1 KB
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1-wc.7.0.1
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fff09637c3bdbb4988240901f1ae70e3245cbc4ba4aff028fb1053c7064b0c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:01 GMT
server
cloudflare
etag
W/"63774b71-570"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bd09c00-FRA
jquery.min.js
earthley.com/wp-content/cache/min/1/ajax/libs/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-content/cache/min/1/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1670941416
Requested by
Host: earthley.com
URL: https://earthley.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ffffc1d8eba971457e39deffb10cbe028aa49e6898f67d4c933b71778a8b39e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 14:23:36 GMT
server
cloudflare
etag
W/"63988ae8-17b85"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
779020ef3bd19c00-FRA
our-ingredients.jpg
earthley.com/wp-content/themes/earthley/images/dev/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/themes/earthley/images/dev/our-ingredients.jpg
Requested by
Host: earthley.com
URL: https://earthley.com/wp-content/cache/min/1/wp-content/themes/earthley/includes/css/earthley.css?ver=1670941416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ee54c5c200f4179e8c4e5551fdb714ea19bf195d189bd8e5a6c9c322abd742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/wp-content/cache/min/1/wp-content/themes/earthley/includes/css/earthley.css?ver=1670941416
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=81979
content-disposition
inline; filename="our-ingredients.webp"
content-length
5850
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Nov 2022 09:08:02 GMT
server
cloudflare
etag
"63774b72-1403b"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
779020f06e7a9c00-FRA
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGF6NNB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 13 Dec 2022 16:38:10 GMT
last-modified
Mon, 05 Dec 2022 17:15:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9BAF7ACF38114DDBB114F63AA7E96A63 Ref B: FRA31EDGE0720 Ref C: 2022-12-13T16:38:11Z
etag
"027e538cd8d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11460
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/659068233/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/659068233/?random=1670949491278&cv=11&fst=1670949491278&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fearthley.com%2Fref%2FTheAvonMan%2F&auid=894364414.1670949491&uaw=0&data=ecomm_pagetype%3Dhome%3Becomm_totalvalue%3D0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGF6NNB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583237bf5ca786eccc773ce57669a824d491dfbec95de27ef1b132da725a6169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
881
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGF6NNB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 15:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4945
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 13 Dec 2022 17:15:46 GMT
dtag.js
cdn.attn.tv/earthley/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.attn.tv/earthley/dtag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGF6NNB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba7e52e5df6c10041655cf4cedc157112a9ad0e15e283098853e5f783231e874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
U.ez5VCt9WxTBYUIvbS_xZ.KqfQtcoIt
content-encoding
gzip
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
date
Tue, 13 Dec 2022 16:38:13 GMT
last-modified
Thu, 13 Oct 2022 18:54:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"44270af2e360a8ef5bca31d8587c0072"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
public, max-age=120
x-amz-replication-status
COMPLETED
x-amz-cf-id
xdHPtG1RhOq7KoCHV-Y4ZHyKfwbY_TtK3Y6lSUtvuB3QYaVqjm-EmA==
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GQ0XH5LPYB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGF6NNB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da68124b0af9ffcdf459071716b6d6aae6b9fceaa275d8f604a23746e92e6332
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76846
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 13 Dec 2022 16:38:11 GMT
collect
region1.analytics.google.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GQ0XH5LPYB&gtm=2oebu0&_p=925122475&_gaz=1&cid=619192876.1670949491&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670949491&sct=1&seg=0&dl=https%3A%2F%2Fearthley.com%2Fref%2FTheAvonMan%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GQ0XH5LPYB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:38:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://earthley.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GQ0XH5LPYB&cid=619192876.1670949491&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GQ0XH5LPYB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:38:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://earthley.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GQ0XH5LPYB&cid=619192876.1670949491&gtm=2oebu0&aip=1&z=1981721547
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:38:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71095234-1&cid=619192876.1670949491&jid=2144485901&gjid=350609864&_gid=121525009.1670949491&_u=YCDAgEABAAAAAEAAI~&z=1179013722
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://earthley.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 13 Dec 2022 16:38:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://earthley.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=925122475&t=pageview&_s=1&dl=https%3A%2F%2Fearthley.com%2Fref%2FTheAvonMan%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=2144485901&gjid=350609864&cid=619192876.1670949491&tid=UA-71095234-1&_gid=121525009.1670949491&gtm=2wgbu0TGF6NNB&z=934717649
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 19:43:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75275
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
56302617.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/56302617.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 13 Dec 2022 16:38:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E802423074864E5294EC7F88F6454F79 Ref B: FRA31EDGE0720 Ref C: 2022-12-13T16:38:11Z
x-cache
CONFIG_NOCACHE
/
www.google.com/pagead/1p-user-list/659068233/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/659068233/?random=1670949491278&cv=11&fst=1670947200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fearthley.com%2Fref%2FTheAvonMan%2F&data=ecomm_pagetype%3Dhome%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=690453689&rmt_tld=0&ipr=y
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:38:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/659068233/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/659068233/?random=1670949491278&cv=11&fst=1670947200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fearthley.com%2Fref%2FTheAvonMan%2F&data=ecomm_pagetype%3Dhome%3Becomm_totalvalue%3D0&fmt=3&is_vtc=1&random=690453689&rmt_tld=1&ipr=y
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:38:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-71095234-1&cid=619192876.1670949491&jid=2144485901&_u=YCDAgEABAAAAAEAAI~&z=1396397315
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:38:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-71095234-1&cid=619192876.1670949491&jid=2144485901&_u=YCDAgEABAAAAAEAAI~&z=1396397315
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:38:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2841CVMU8Q03RAIAS7G&lib=ttq
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-153.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0b39cabfd671f079648c2914d24f065fc9931a7fb59b535ebada719000924b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id
bc4bce56.84eb1524
date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-153.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time
94,23.36.161.153
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=5, inner; dur=3
content-length
1108
pragma
no-cache
server
nginx
x-tt-logid
20221213163812FB7A0287A54A402D361F
x-cache-remote
TCP_MISS from a23-220-104-26.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.220.104.26
x-tt-trace-host
01b5611c10e67fd7b62b972475fb95eb1e885fba9d4774eb2b20146633d69f59efa95f5ccd1c5a1c4d1100d6319f9873b1118911ac5123c7618308e8a0154b9854572800109c0b79be18d904491f6f4e0a2d1068534be2a342805073cc11060afc
expires
Tue, 13 Dec 2022 16:38:13 GMT
gtm.js
www.googletagmanager.com/ 		233 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TGF6NNB&l=beaconLayer
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77c92a91cc051d6c20f7983a3acfeafaec1bed4d74c95516cdc6894691a3fa33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83957
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Dec 2022 16:38:12 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-71095234-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGF6NNB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8c918358059ae78aed4be7500c5da3880c5052c27acf400e872b3b7a1bce7257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43594
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Dec 2022 16:38:12 GMT
asset_composer.js
static.zdassets.com/ekr/
Redirect Chain
  • https://v2.zopim.com/?3gjxF0HKFjqXRFX6Wje13hS03wOl0YQA
  • https://static.zdassets.com/ekr/asset_composer.js
23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Protocol
H2
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
x-amz-version-id
57KHzv0Z81imwMa0XxScJAmcLiHhq1Ku
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
KCM77DDQVGEDQ38T
age
46
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
XftthlYlyLzycWuL0vAgrfZ3A0o6DKWAJ/d4P6ydSt49qAWVT8QsJEKarr/XA7hqtwOFCUZ8DOY=
last-modified
Thu, 28 Jul 2022 23:44:02 GMT
server
cloudflare
etag
W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMoVrdXJQliDPmirly7m4gn4dJ6FiODOIo0RcUZ77AU2sQ607OmC4HpAGjFHfRDabP4Z4MQpjL1iaRhT5b2nUf6FmuRLGg3By%2FIjoYfSt3v0X52eFdce2iF1Vnivl4kPLAvD2mM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
779020fb5bad9b2b-FRA

Redirect headers

location
https://static.zdassets.com/ekr/asset_composer.js
date
Tue, 13 Dec 2022 16:38:12 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
cloudflare
cf-ray
779020fa1f96bbf5-FRA
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:01 GMT
fetch
sfc-api.bayengage.com/ 		112 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sfc-api.bayengage.com/fetch?t=7edf29a676de
Requested by
Host: sf.bayengage.com
URL: https://sf.bayengage.com/sf.js?t=7edf29a676de&ver=6.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-11.fra56.r.cloudfront.net
Software
/
Resource Hash
24b335f07e996e5e6473ebae86963963708d932f5b1838b31bc741ec05cbcaab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:36:44 GMT
content-encoding
br
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
87
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
date,x-api-id
x-amz-cf-id
_O-7U0vXeNRAJgkXdZkmkz22OiqS6Y7HDFj9pXYHN1kT4wFi8m8YaQ==
apigw-requestid
dF-EjgIQoAMEacg=
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=925122475&t=pageview&_s=1&dl=https%3A%2F%2Fearthley.com%2Fref%2FTheAvonMan%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUABAAAAAGAAI~&jid=2034584105&gjid=1936111476&cid=619192876.1670949491&tid=UA-71095234-1&_gid=121525009.1670949491&_r=1&gtm=2oubu0&z=1468277325
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://earthley.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:38:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://earthley.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-71095234-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 15:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4946
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 13 Dec 2022 17:15:46 GMT
css
fonts.googleapis.com/ Frame 95C5 		1 KB
396 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: sf.bayengage.com
URL: https://sf.bayengage.com/sf.js?t=7edf29a676de&ver=6.0.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 14:56:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Dec 2022 16:38:13 GMT
AdobeStock_269636595.jpg
img.bayengage.com/7edf29a676de/studio/34090/ Frame 95C5 		223 KB
223 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.bayengage.com/7edf29a676de/studio/34090/AdobeStock_269636595.jpg
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-41.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02c4f258088c4fb676db6ddc6ec404da886f2bfa133c2a232c36cd249eb3fd73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 15:37:53 GMT
x-amz-version-id
null
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 22:26:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
262821
etag
"6536d9d1c9fab789ace7c4ba611663f2"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
228059
x-amz-cf-id
kF0OwTQ2izEXbRNa7xU4qGbxRXpXYdud2WO3f8dXSE9h6FE7ckXa4A==
AdobeStock_213647358.jpg
img.bayengage.com/7edf29a676de/studio/34102/ Frame D6E2 		202 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.bayengage.com/7edf29a676de/studio/34102/AdobeStock_213647358.jpg
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-41.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
171af32144ec6406ff6bb8fc1f9e3c5f19545306b196824de0a683f9cbfd7875

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 07:41:18 GMT
x-amz-version-id
null
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 22:46:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
464215
etag
"68a67ed86a3fc34a06eff79d50389a90"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
206480
x-amz-cf-id
Ya8zi2sA17EpCIvKsWGwiD5HPCnMLBnqtBFnaeT4_kYLhKfI0e4HOA==
chicken-mushroom-ravioli.jpg
img.bayengage.com/7edf29a676de/studio/36756/ Frame D042 		337 KB
337 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.bayengage.com/7edf29a676de/studio/36756/chicken-mushroom-ravioli.jpg
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-41.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8da1ab11d79347d9fae5f7b00548fc1838f410dc773121bc14a065517e9a598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 15:37:53 GMT
x-amz-version-id
null
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 20:49:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
262821
etag
"da101e450041a88619d97f04776a053a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
344699
x-amz-cf-id
FJ3G-j_S8LxuYYfBShxQInpag3O9hx8Du6Y-MMg7N9qioRlprTpgYw==
1668625883375-92725.jpg
img.bayengage.com/assets/ Frame AAF7 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.bayengage.com/assets/1668625883375-92725.jpg
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-41.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9d35fa1940f10733d2b12a3f9bf8646fe2a8b2f766fe2b8c48d3c2b48aa76ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 12 Dec 2022 19:30:13 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
last-modified
Wed, 16 Nov 2022 19:11:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
76081
etag
"aa1d4a62a919329cdff4e3fff2139d05"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
120380
x-amz-cf-id
Ofsfni9sRv5q7mvYapBWpL3xSiYmoxrHxGHrOSjKZKuZ5u3sa-g6PQ==
Fearless-Healthy-Living-copy-8.png
img.bayengage.com/7edf29a676de/studio/41794/ Frame C688 		758 KB
759 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.bayengage.com/7edf29a676de/studio/41794/Fearless-Healthy-Living-copy-8.png
Requested by
Host: earthley.com
URL: https://earthley.com/ref/TheAvonMan/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-41.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87225fc0d957010b626c8fda930f28b3dbec7b6d7fb6f0ae6c2106ed55b884d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 07:41:18 GMT
x-amz-version-id
null
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 00:15:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
464215
etag
"09a0d3fa34c9db913f8dafcba003cd7f"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
776399
x-amz-cf-id
x8IiTOFakIkU3ppe81qYnj3Kf38n7Z7wGotNWT3ilN70JnVCL5Yj_g==
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71095234-1&cid=619192876.1670949491&jid=2034584105&gjid=1936111476&_gid=121525009.1670949491&_u=aCDAAUABAAAAAGAAI~&z=1374003895
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://earthley.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 13 Dec 2022 16:38:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://earthley.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
unified-tag.js
cdn.attn.tv/tag/4-latest/ 		90 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/earthley/dtag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0177213eb6447275ba23515febe55c90146c142de5e70d2eef3c4377c214d3f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
XhvFjTqx0Y_xmKwQwd5qshBNgl77CBQG
content-encoding
gzip
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
date
Tue, 13 Dec 2022 16:38:00 GMT
last-modified
Tue, 13 Dec 2022 15:24:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
13
etag
W/"d742c3223a6aa67f4011ed7335d33e37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=300
x-amz-replication-status
COMPLETED
x-amz-cf-id
oOhKxYiVDr0Q7Ah0LiJPd5iOqDf1Ts3iREosEUcwh-sCdQxC_Wfa-w==
admin-ajax.php
earthley.com/wp-admin/ 		57 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-admin/admin-ajax.php
Requested by
Host: earthley.com
URL: https://earthley.com/wp-content/cache/min/1/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1670941416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72445d1c7f7381d0d3432dbc1a845ae2c52bf65cf01bc91d1609b7f042044913
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept
*/*
Referer
https://earthley.com/ref/TheAvonMan/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://earthley.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
779020fb4d189c00-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
vesst-arrow.svg
earthley.com/wp-content/themes/earthley/images/ 		1 KB
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/themes/earthley/images/vesst-arrow.svg
Requested by
Host: earthley.com
URL: https://earthley.com/wp-content/cache/min/1/wp-content/themes/earthley/includes/css/earthley.css?ver=1670941416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4afd1ededc2729eb6a2491db8eb9dbcc5f91623d1c4a7ce4709fd23e520fc5d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/wp-content/cache/min/1/wp-content/themes/earthley/includes/css/earthley.css?ver=1670941416
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:02 GMT
server
cloudflare
etag
W/"63774b72-444"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
779020fb4d1b9c00-FRA
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: earthley.com
URL: https://earthley.com/wp-content/cache/min/1/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=1670941416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
712d764046bbcaae7b93ad4bc8adaf8536a1d0ecec35d046abe05d9d5738af2e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 13 Dec 2022 16:38:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27316
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
sGeufy0pKn1k/v9YcHFDD2euYgsDkSitHioKryoTDseBkIxfOZ9j9le8BO0K4Y8XLLTBls22G9cpny8eibidOw==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ajax-loader.gif
mreq.github.io/slick-lightbox/gh-pages/bower_components/slick-carousel/slick/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mreq.github.io/slick-lightbox/gh-pages/bower_components/slick-carousel/slick/ajax-loader.gif
Requested by
Host: earthley.com
URL: https://earthley.com/wp-content/cache/min/1/slick-lightbox/gh-pages/bower_components/slick-carousel/slick/slick-theme.css?ver=1670941416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-fastly-request-id
b62c3a3f39813687a13e642b983b3f099f0aeced
date
Tue, 13 Dec 2022 16:38:13 GMT
via
1.1 varnish
x-cache-hits
1
age
143
x-cache
HIT
x-proxy-cache
MISS
content-length
4178
x-served-by
cache-hhn-etou8220069-HHN
last-modified
Tue, 10 Oct 2017 19:26:00 GMT
server
GitHub.com
x-github-request-id
B01E:0D46:5647D4:740E94:6391738B
x-timer
S1670949493.126311,VS0,VE2
etag
"59dd1ec8-1052"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Thu, 08 Dec 2022 05:28:04 GMT
cart
earthley.com/wp-json/wc/store/v1/ 		978 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-json/wc/store/v1/cart
Requested by
Host: earthley.com
URL: https://earthley.com/wp-content/cache/min/1/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1670941416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f4703349d66c29ad2e2f2d1d893267d7bd4690cb448a104bbfef07f8768ca4
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://earthley.com/ref/TheAvonMan/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

user-id
0
date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
nonce
60e8f8b89d
cf-cache-status
DYNAMIC
x-wc-store-api-nonce
60e8f8b89d
x-wp-doingitwrong
shipping_state (since 3.0; Customer properties should not be accessed directly. Backtrace: require('wp-blog-header.php'), wp, WP->main, WP->parse_request, do_action_ref_array('parse_request'), WP_Hook->do_action, WP_Hook->apply_filters, rest_api_loaded, WP_REST_Server->serve_request, WP_REST_Server->dispatch, WP_REST_Server->respond_to_request, Automattic\WooCommerce\StoreApi\Routes\V1\AbstractCartRoute->get_response, Automattic\WooCommerce\StoreApi\Routes\V1\AbstractCartRoute->calculate_totals, WC_Cart->calculate_fees, do_action('woocommerce_cart_calculate_fees'), WP_Hook->do_action, WP_Hook->apply_filters, colorado_rdf_fee, WC_Legacy_Customer->__get, wc_doing_it_wrong)
x-wp-deprecatedfunction
get_discounts_before_tax (since 2.3; use get_total_discount instead)
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
allow
GET
content-type
application/json; charset=UTF-8
nonce-timestamp
1670949493
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
no-store, no-cache, must-revalidate
x-frame-options
SAMEORIGIN
x-robots-tag
noindex
link
<https://earthley.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
779020fb7d699c00-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
arrow-right.svg
earthley.com/wp-content/themes/earthley/images/ 		563 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/themes/earthley/images/arrow-right.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3222fcb8cfb00e24f60c44204f71dbfb06212b92792d5c9b25adf7a53bfe7b2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:02 GMT
server
cloudflare
etag
W/"63774b72-233"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
779020fb7d6f9c00-FRA
deo..831A1415-600x600.jpg
earthley.com/wp-content/uploads/2017/11/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/uploads/2017/11/deo..831A1415-600x600.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd75705e34e1d047532b6692e2fc9c6b4001ba866d31f375346ad1fa3ccc6469
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=18535
content-disposition
inline; filename="deo.webp"
content-length
14376
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Nov 2022 11:13:39 GMT
server
cloudflare
etag
"637768e3-4867"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
779020fb9db99c00-FRA
Skin.care_.831A9829-600x600.jpg
earthley.com/wp-content/uploads/2018/10/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/uploads/2018/10/Skin.care_.831A9829-600x600.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
164cd084074717d1d0771fd0fc42ffa81e7bc3c93ca1aa55973941ee1cd9e99e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=27948
content-disposition
inline; filename="Skin.webp"
content-length
23338
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Nov 2022 11:24:18 GMT
server
cloudflare
etag
"63776b62-6d2c"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
779020fbde449c00-FRA
stock.mineral.deodorant.vanilla.bean_.831A4218-600x600.jpg
earthley.com/wp-content/uploads/2016/11/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/uploads/2016/11/stock.mineral.deodorant.vanilla.bean_.831A4218-600x600.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1997726a76fc9de8c36762df3016cf6a03c221d24571a5c13dd3eddd4e8b85d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=21448
content-disposition
inline; filename="stock.webp"
content-length
17266
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Nov 2022 10:53:43 GMT
server
cloudflare
etag
"63776437-53c8"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
779020fc7fa59c00-FRA
gnl.s.831A1410-600x600.jpg
earthley.com/wp-content/uploads/2016/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/uploads/2016/10/gnl.s.831A1410-600x600.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8026e0fb4e8af4f3a81c9914dd7b4c2da991b65a8957738134317083a3f80c12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=18369
content-disposition
inline; filename="gnl.webp"
content-length
14184
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Nov 2022 10:50:48 GMT
server
cloudflare
etag
"63776388-47c1"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
779020fca81c9c00-FRA
earthley-logo.svg
earthley.com/wp-content/themes/earthley/images/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/themes/earthley/images/earthley-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5daf45425cea64537063f5713fbc0f5d903d008478de8b43ed6b5a6798ea1160
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:02 GMT
server
cloudflare
etag
W/"63774b72-23fa"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
779020fcd8779c00-FRA
earthley-search.svg
earthley.com/wp-content/themes/earthley/images/ 		1 KB
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/themes/earthley/images/earthley-search.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64b23cc9606288a79a9c37a6d0c3ec3962d47e98911f32994103d519e88a25a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:02 GMT
server
cloudflare
etag
W/"63774b72-450"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
779020fd9a119c00-FRA
earthley-welcome-line.svg
earthley.com/wp-content/themes/earthley/images/ 		314 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/themes/earthley/images/earthley-welcome-line.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58933895dec141c2b970cff0aab2def9ce591b7f42de608ef052d70d2f106c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:02 GMT
server
cloudflare
etag
W/"63774b72-13a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
779020fdaa3e9c00-FRA
brooke-lark-182428-unsplash.jpg
earthley.com/wp-content/themes/earthley/images/dev/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/themes/earthley/images/dev/brooke-lark-182428-unsplash.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53142b5a41ab9c6dff2525e81cd94c6ccca88fd7b8be87945c2f1e66dd545bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Nov 2022 09:08:02 GMT
server
cloudflare
cf-polished
degrade=85, origSize=375436, status=webp_bigger
etag
"63774b72-5ba8c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
779020fdca8e9c00-FRA
content-length
68310
earthley-leaf.svg
earthley.com/wp-content/themes/earthley/images/ 		16 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/themes/earthley/images/earthley-leaf.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5eb9ef259e65719d9785c9699378230097abc190b93c89411a65e7c4cd3e76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:02 GMT
server
cloudflare
etag
W/"63774b72-4119"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
779020fe1b3f9c00-FRA
earthley-leaf-welcome.svg
earthley.com/wp-content/themes/earthley/images/ 		526 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/themes/earthley/images/earthley-leaf-welcome.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd60167ed6b446af16b6b76faadba06bf162673a49ebf6255856e6b4e3235b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:02 GMT
server
cloudflare
etag
W/"63774b72-83655"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
779020feaca89c00-FRA
earthley-favorite-leaf.svg
earthley.com/wp-content/themes/earthley/images/ 		975 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://earthley.com/wp-content/themes/earthley/images/earthley-favorite-leaf.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70883a7c1ab84803043878ade80dd4f7c299930cb9232da88c5ac74d034457c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/ref/TheAvonMan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 09:08:02 GMT
server
cloudflare
etag
W/"63774b72-f3d25"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
779020febcbc9c00-FRA
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56302617&tm=gtm002&Ver=2&mid=a815eaa3-6ab2-4b1d-8824-507c0fdd92c8&sid=8932faa07b0411edb3253f55ebb2d109&vid=8932e1107b0411edac9d1f6e82bd14fa&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fearthley.com%2Fref%2FTheAvonMan%2F&r=&lt=2423&evt=pageLoad&sv=1&rn=511365
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 16:38:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 75EF41D412304094A13ACC974B278199 Ref B: FRA31EDGE0720 Ref C: 2022-12-13T16:38:13Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MWI5ZjkwYWMwMA.js
analytics.tiktok.com/i18n/pixel/static/ 		234 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2841CVMU8Q03RAIAS7G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-153.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ee3a94394da6a061c63b8c4333b600ce2720480a2ab8a80b3df720b2294deaf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id
84eb17dc
date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20221213140521D0079E63DF635926CAA5
vary
Accept-Encoding
x-cache
TCP_HIT from a23-36-161-153.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01a07a25d72e61be0cb8906fcf3ef2c9317a6e8ccd35f4d1948b06c8627f4422a7d0e6580309d88987d1ec756d5589d63d80166dd6effc46b9308ce1de246d348df4a3fcbedbe965d1f8f4326ae71b89c4
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
66495
tpc
events.attentivemobile.com/ 		0
628 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.attentivemobile.com/tpc
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://earthley.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/png
access-control-expose-headers
Set-Cookie, X-Count, X-Token
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
779020fcfb5c9159-FRA
/
earthley.attn.tv/d/ 		5 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://earthley.attn.tv/d/?attn_vid=3a24384a1c13453ba6bd4118ace47a4f
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
*
x-envoy-upstream-service-time
5
cf-ray
779020fc5c5fbbc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e
events.attentivemobile.com/ 		0
179 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.attentivemobile.com/e?v=4.16.23_7a29a1b3dc&pd=https%3A%2F%2Fearthley.com%2Fref%2FTheAvonMan%2F&u=3a24384a1c13453ba6bd4118ace47a4f&c=earthley&ceid=c0s&lt=1670949493041&tag=modern&cs=143540180&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1670949493046
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/plain;charset=UTF-8
x-envoy-upstream-service-time
3
cf-ray
779020fcfb669159-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
earthley.attn.tv.js
cdn.attn.tv/growth-tag-assets/client-configs/ 		0
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.attn.tv/growth-tag-assets/client-configs/earthley.attn.tv.js
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
date
Tue, 13 Dec 2022 11:54:58 GMT
last-modified
Mon, 17 Dec 2018 20:59:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
17060
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
lTOZeAcNRx9asXiOuY7itNliHJKC2DB8YBIc-PeN7Gs0X9LCs4ytMg==
3gjxF0HKFjqXRFX6Wje13hS03wOl0YQA
ekr.zdassets.com/compose/zopim_chat/ 		193 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/zopim_chat/3gjxF0HKFjqXRFX6Wje13hS03wOl0YQA
Requested by
Host: v2.zopim.com
URL: https://v2.zopim.com/?3gjxF0HKFjqXRFX6Wje13hS03wOl0YQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954be284f9094990d36d30daf96149a1a78b580c7df9e3f4d0a4aa83d7f34fe9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
x-xss-protection
1; mode=block
x-request-id
778104292b259b39-SEA, 778104292b259b39-SEA
x-runtime
0.005529
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"954be284f9094990d36d30daf96149a1"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WY8fFq5vIVhzaDx7oBP1iYEzBUpPGUXls5LZk8WnFBEGQcSNvHhp5TfRrKV4F4LfDaDaj00O1coLrOU%2FwmvvRg5MDfRpEGeXucbAYD2Mf4IPI27zHjFQ%2BKBu7fuxezxMVMI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
cf-ray
779020fc6f33695b-FRA
admin-ajax.php
earthley.com/wp-admin/ 		0
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-admin/admin-ajax.php
Requested by
Host: earthley.com
URL: https://earthley.com/wp-content/cache/min/1/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1670941416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept
*/*
Cache-Control
no-cache
Referer
https://earthley.com/ref/TheAvonMan/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://earthley.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
779020fbfe979c00-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-71095234-1&cid=619192876.1670949491&jid=2034584105&_u=aCDAAUABAAAAAGAAI~&z=758095391
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:38:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-71095234-1&cid=619192876.1670949491&jid=2034584105&_u=aCDAAUABAAAAAGAAI~&z=758095391
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:38:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify_a213e.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_a213e.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-153.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id
84eb1a04
date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202212131405225ED1CA70CC29A12A5B40
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-36-161-153.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
013bd3a6fda2045faf954495bfcba38e9e81cd89150bc87ccc6445fbff31f2cb070e9c4ee3699418952921aa35376150f79b3fc7edba8005edc54b06684644e9b5620db74024c14c51c9d78346671f2542
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
30751
pixel
analytics.tiktok.com/api/v2/ 		0
692 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-153.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://earthley.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
14daf837.84eb1acb
date
Tue, 13 Dec 2022 16:38:13 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-153.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time
102,23.36.161.153
server-timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=20, inner; dur=13
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202212131638133CB7092A8FEB292E9566
x-cache-remote
TCP_MISS from a23-221-225-190.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
20,23.221.225.190
x-tt-trace-host
01b5611c10e67fd7b62b972475fb95eb1e885fba9d4774eb2b20146633d69f59efc6ebceba564bc538c8d63a754574802e0af158a4b4462ac9af1153a5b784b5e1d28a231aeea24c8fbef01545124cacf68939bc9b52168d3d8049e8ce79a37045
expires
Tue, 13 Dec 2022 16:38:13 GMT
617122732347119
connect.facebook.net/signals/config/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/617122732347119?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
28f83d0b8965a81ea2a42049b39363304cb1c39ed76b00acddab0bc8606b2e43
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 13 Dec 2022 16:38:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
0D1RSzPXh4l0fmGWD8c7+q7YJ7oGglFUoAkKNnIMqh2VSJWqajOr4fVlXnILofTlFY8zHWmDzePCSaKZzRir2Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
widget_v2.334.js
v2.zopim.com/bin/v/
Redirect Chain
  • https://v2.zopim.com/w?3gjxF0HKFjqXRFX6Wje13hS03wOl0YQA
  • https://v2.zopim.com/bin/v/widget_v2.334.js
1 MB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2.zopim.com/bin/v/widget_v2.334.js
Protocol
H2
Server
104.16.105.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4f2b366facc90cfc4a0b906f6940a869316cf45d690012613a5ad812b24bda1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 27 Jul 2022 03:35:19 GMT
server
cloudflare
age
48851
etag
W/"62e0b277-10301f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=315360000
cf-ray
779020fe2870bbf5-FRA
expires
Fri, 10 Dec 2032 16:38:13 GMT

Redirect headers

date
Tue, 13 Dec 2022 16:38:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
etag
"62e9bace-0"
content-type
application/octet-stream
location
https://v2.zopim.com/bin/v/widget_v2.334.js
cache-control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray
779020fddfbebbf5-FRA
content-length
0
expires
Tue, 13 Dec 2022 20:38:13 GMT
admin-ajax.php
earthley.com/wp-admin/ 		7 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://earthley.com/wp-admin/admin-ajax.php
Requested by
Host: earthley.com
URL: https://earthley.com/wp-content/cache/min/1/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1670941416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
888486bbdc107458b4d7f5093eae3cce3317c01f8dda76d1c0b7d14ad376fe31
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept
*/*
Referer
https://earthley.com/ref/TheAvonMan/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://earthley.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
779020fe1b489c00-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
unrenderedCreative
earthley.attn.tv/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://earthley.attn.tv/unrenderedCreative?v=4.16.23&r=&id=3a24384a1c13453ba6bd4118ace47a4f&pv=1&l=https%3A%2F%2Fearthley.com%2Fref%2FTheAvonMan%2F&w=1600&h=1200&ss_ref=ORGANIC&m=marketing&m=live-sms
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://earthley.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 13 Dec 2022 16:38:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
14
cf-ray
779020fe4935bbc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=617122732347119&ev=PageView&dl=https%3A%2F%2Fearthley.com%2Fref%2FTheAvonMan%2F&rl=&if=false&ts=1670949493603&cd[page_title]=Home&cd[post_type]=page&cd[post_id]=5&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=earthley.com%2Fref%2FTheAvonMan%2F&sw=1600&sh=1200&v=2.9.89&r=stable&a=dvpixelyoursite&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%222761758730800060%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221856237187904289%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22529297195449764%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22377661920871082%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1670949492998.1512921910&it=1670949493211&coo=false&eid=1MT8P7v48t4TyuGYfXUo1zhf0CZ1LU6J7FNC&exp=a1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 13 Dec 2022 16:38:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/ Frame CA4B 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14

Request headers

Referer
Origin
https://earthley.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
application/font-woff
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=617122732347119&ev=Microdata&dl=https%3A%2F%2Fearthley.com%2Fref%2FTheAvonMan%2F&rl=&if=false&ts=1670949495107&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=dvpixelyoursite&ec=1&o=30&fbp=fb.1.1670949492998.1512921910&it=1670949493211&coo=false&es=automatic&tm=3&exp=a0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://earthley.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 13 Dec 2022 16:38:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| oncontentvisibilityautostatechange string| gtm4wp_datalayer_name object| dataLayer object| dataLayer_content object| __cfQR object| google_tag_manager object| google_tag_data object| GooglebQhCsO string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| UET function| UET_init function| UET_push object| ueto_4fdbb0edbc object| uetq boolean| __attnLoaded object| attn_d0x0b_evt object| attentive string| __attentive_domain object| __attentive function| $ function| jQuery object| affwp_scripts object| affwp_debug_vars function| gtm4wp_map_eec_to_ga4 function| gtm4wp_handle_cart_qty_change function| gtm4wp_handle_payment_method_change function| gtm4wp_handle_shipping_method_change function| gtm4wp_process_woocommerce_pages function| gtm4wp_page_loading_completed boolean| gtm4wp_changedetail_fired_during_pageload boolean| gtm4wp_is_cart boolean| gtm4wp_is_checkout object| gtm4wp_checkout_step_fired number| gtm4wp_shipping_payment_method_step_offset string| gtm4wp_first_container_id object| Modernizr function| Cookies object| pysOptions function| pys_generate_token function| getBundlePriceOnSingleProduct function| getPixelBySlag function| getUrlParameter object| pys object| AFFWP string| TiktokAnalyticsObject object| ttq object| beaconLayer function| gtag function| $zopim object| bayengage function| loadContent function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| cbr_ajax_object function| setCountryCookie function| set_customer_country_on_checkout function| setCookie function| set_customer_country_on_checkout_without_reload object| lazyLoadOptions function| LazyLoad boolean| __cfRLUnblockHandlers object| __attentive_cfg boolean| __poll_for_path_change string| attn_d0x0b_cfg object| jQuery112402820689796523117 function| fbq function| _fbq number| timeoutDelay object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy function| __accessCheck function| __privateGet function| __privateAdd function| __privateSet object| zEWebpackACJsonp function| zE function| zEmbed object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly boolean| zEACLoaded string| __$z_results string| __$z_innerText

34 Cookies

Domain/Path Name / Value
.earthley.com/ Name: _gcl_au
Value: 1.1.894364414.1670949491
.earthley.com/ Name: _ga_GQ0XH5LPYB
Value: GS1.1.1670949491.1.0.1670949491.60.0.0
.earthley.com/ Name: _ga
Value: GA1.2.619192876.1670949491
.earthley.com/ Name: _gid
Value: GA1.2.121525009.1670949491
.earthley.com/ Name: _dc_gtm_UA-71095234-1
Value: 1
.bing.com/ Name: MUID
Value: 200A895D91B4645113239B24901865CE
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
earthley.com/ Name: pys_session_limit
Value: true
earthley.com/ Name: pys_start_session
Value: true
.earthley.com/ Name: _gat_gtag_UA_71095234_1
Value: 1
earthley.com/ Name: pys_first_visit
Value: true
earthley.com/ Name: pysTrafficSource
Value: direct
earthley.com/ Name: pys_landing_page
Value: https://earthley.com/ref/TheAvonMan/
earthley.com/ Name: last_pysTrafficSource
Value: direct
earthley.com/ Name: last_pys_landing_page
Value: https://earthley.com/ref/TheAvonMan/
.earthley.com/ Name: _uetsid
Value: 8932faa07b0411edb3253f55ebb2d109
.earthley.com/ Name: _uetvid
Value: 8932e1107b0411edac9d1f6e82bd14fa
.tiktok.com/ Name: _ttp
Value: 2IrpKVkUFsW90OMbtBb5gb5pcCR
earthley.com/ Name: tpc_a
Value: 9cdcf04ac94b40099b2aa7e42c8a15d7.1670949493.c0s.1670949493
earthley.com/ Name: __attentive_id
Value: 3a24384a1c13453ba6bd4118ace47a4f
earthley.com/ Name: _attn_
Value: eyJ1Ijoie1wiY29cIjoxNjcwOTQ5NDkzMDQzLFwidW9cIjoxNjcwOTQ5NDkzMDQzLFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjNhMjQzODRhMWMxMzQ1M2JhNmJkNDExOGFjZTQ3YTRmXCJ9In0=
earthley.com/ Name: __attentive_cco
Value: 1670949493045
earthley.com/ Name: _fbp
Value: fb.1.1670949492998.1512921910
earthley.com/ Name: affwp_ref
Value: 8608
earthley.com/ Name: __attentive_pv
Value: 1
earthley.com/ Name: __attentive_ss_referrer
Value: "ORGANIC"
.attentivemobile.com/ Name: tpc_c_c0s
Value: 9756d248-b896-4388-b541-97ed9e550ccb.1670949493.c0s.1670949493
.attentivemobile.com/ Name: tpc_b_c0s
Value: 842934e3-dabb-4ba2-b477-0cefac8db76d.1670949493.c0s.1670949493
.earthley.com/ Name: _fbp
Value: fb.1.1670949492998.1512921910
earthley.com/ Name: PHPSESSID
Value: 74ja2a17v3aga7n8pmr067qf8o
earthley.com/ Name: __attentive_dv
Value: 1
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: mpOqEHg19VD9GtZYQK3BJeQq35a97EVLP2mS1905GjcC8pl4VvNNhictavrAacFnay1859+tGvhr+WdfkWDQkGNbfv3ygOPu+yiuH4UQqjq+jP0OC2E8vcvqjU15
earthley.com/ Name: affwp_ref_visit_id
Value: 1226957
.earthley.com/ Name: __zlcmid
Value: 1DPlRncIxioGdXk

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
bat.bing.com
cdn.attn.tv
connect.facebook.net
earthley.attn.tv
earthley.com
ekr.zdassets.com
events.attentivemobile.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.bayengage.com
mreq.github.io
region1.analytics.google.com
sf.bayengage.com
sfc-api.bayengage.com
static.zdassets.com
stats.g.doubleclick.net
v2.zopim.com
www.earthley.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.16.105.139
104.18.37.231
104.18.70.113
104.18.72.113
13.224.189.41
172.64.144.208
18.66.122.73
2001:4860:4802:34::36
23.36.163.153
2600:9000:21f3:7a00:1c:9484:cec0:93a1
2606:4700:3108::ac42:2b49
2606:50c0:8000::153
2620:1ec:c11::200
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2008
2a00:1450:4001:812::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c0d::9a
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
52.222.214.11
0177213eb6447275ba23515febe55c90146c142de5e70d2eef3c4377c214d3f0
02c4f258088c4fb676db6ddc6ec404da886f2bfa133c2a232c36cd249eb3fd73
0b39cabfd671f079648c2914d24f065fc9931a7fb59b535ebada719000924b8d
115eeb43eda96c8d2c74658ef63f1eeac14aad98135c986f0787cbca971ec230
164cd084074717d1d0771fd0fc42ffa81e7bc3c93ca1aa55973941ee1cd9e99e
171af32144ec6406ff6bb8fc1f9e3c5f19545306b196824de0a683f9cbfd7875
1997726a76fc9de8c36762df3016cf6a03c221d24571a5c13dd3eddd4e8b85d5
20f778eacbac13d809e63733eaac3449b02f979e1e01a5e5c8c3b5ae69d42137
24b335f07e996e5e6473ebae86963963708d932f5b1838b31bc741ec05cbcaab
24f1a2053bfad218ff1539a3e4bce38569fddaef48a121cad79c2011b1f8e272
257010a756e8ab7c9c65fdfdbbc68a10dde55a422bfc632b50cf09e651d85f69
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28f83d0b8965a81ea2a42049b39363304cb1c39ed76b00acddab0bc8606b2e43
2ffffc1d8eba971457e39deffb10cbe028aa49e6898f67d4c933b71778a8b39e
3222fcb8cfb00e24f60c44204f71dbfb06212b92792d5c9b25adf7a53bfe7b2a
36c378fe6273417e8f3051f2f4814e7c6c02abe4cc904e219b7c76fc72110bbe
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
3a2333f3aaf31cdb57dc5e734d2e05f62e0dbbe1b3ca69709a7e2676b0cba143
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3d72a94b3e8520e530b8fa1c982fa23610dc03f0f299e81c451ae7df1455a1c6
4a25eb6972f4a513da7ead5d8c0f74832ed42b1ae5e1f13ed3ea36f0865a59c9
4afd1ededc2729eb6a2491db8eb9dbcc5f91623d1c4a7ce4709fd23e520fc5d3
4bd52a9dbce7e2a44571aeea3078c1db8a653711a04112e23891e87013899117
53142b5a41ab9c6dff2525e81cd94c6ccca88fd7b8be87945c2f1e66dd545bbd
583237bf5ca786eccc773ce57669a824d491dfbec95de27ef1b132da725a6169
58933895dec141c2b970cff0aab2def9ce591b7f42de608ef052d70d2f106c1d
59f4703349d66c29ad2e2f2d1d893267d7bd4690cb448a104bbfef07f8768ca4
5d6fcc49f0d1e0b04ac7ac2561cc91ce6ad72f242f81b3b9bd3ae30cf045b935
5daf45425cea64537063f5713fbc0f5d903d008478de8b43ed6b5a6798ea1160
64b23cc9606288a79a9c37a6d0c3ec3962d47e98911f32994103d519e88a25a3
6610cfb284c5370ed1cd73333301a0fd21d0149efdcd366dd7b8fe35a5949806
696d9cb735750f9efb939d0c3cefe31945b7c08fa0e7144c9ba6653c27b1f321
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
712d764046bbcaae7b93ad4bc8adaf8536a1d0ecec35d046abe05d9d5738af2e
72445d1c7f7381d0d3432dbc1a845ae2c52bf65cf01bc91d1609b7f042044913
7567fb19c9c43375d3fd64e1dd0f7089ed3e4b1c48af419c4f601066b7a9235c
77c92a91cc051d6c20f7983a3acfeafaec1bed4d74c95516cdc6894691a3fa33
7a98cfd53fb371872ceef03beaed46b74a7e02d44caa34bab76913cccf0249bb
7cd60167ed6b446af16b6b76faadba06bf162673a49ebf6255856e6b4e3235b1
800a05d6b7a6414db47887a6e565cb2be922973c4bca753862518f8c73f70879
8026e0fb4e8af4f3a81c9914dd7b4c2da991b65a8957738134317083a3f80c12
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86297992b82912cf31488ed9f439a19d53a1603cc8fbb43a14ff98bc1bcce262
87225fc0d957010b626c8fda930f28b3dbec7b6d7fb6f0ae6c2106ed55b884d4
888486bbdc107458b4d7f5093eae3cce3317c01f8dda76d1c0b7d14ad376fe31
8c1f806310322c848c4c996ca568a03b3b16cf9487cbccf09aef3cf17e2c643d
8c918358059ae78aed4be7500c5da3880c5052c27acf400e872b3b7a1bce7257
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8e4372d5beb672183c75dade3760e039d8632faadebff5b4910ce46f9e8569a1
954be284f9094990d36d30daf96149a1a78b580c7df9e3f4d0a4aa83d7f34fe9
9c7bb881d50daf10495cb74da00bd5530559e1d819b85a29db561f3e93762f05
a1948d12316da3cc1f372bbce5329bdbf2ca054c32532aa605547e306aa8a382
a4f2b366facc90cfc4a0b906f6940a869316cf45d690012613a5ad812b24bda1
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aeb414bb1e8013a6746ef4a704275a3fb8a16fdb3a50695f4703630ff85d85b9
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
b68efd39e3a53734f9d77bc9ebc8df5da58feca07965e28d10778210aeab7e9e
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b70883a7c1ab84803043878ade80dd4f7c299930cb9232da88c5ac74d034457c
ba5eb9ef259e65719d9785c9699378230097abc190b93c89411a65e7c4cd3e76
ba7e52e5df6c10041655cf4cedc157112a9ad0e15e283098853e5f783231e874
bc4f688fd161944b5ca268a9072272d4e6369366456b9e4bcce2b770bfd668ae
c0ee54c5c200f4179e8c4e5551fdb714ea19bf195d189bd8e5a6c9c322abd742
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
da68124b0af9ffcdf459071716b6d6aae6b9fceaa275d8f604a23746e92e6332
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6950a212568305b78d0994dec97c320dbecbed4b8c98ed596048bf9b8d677ed
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8da1ab11d79347d9fae5f7b00548fc1838f410dc773121bc14a065517e9a598
e9d35fa1940f10733d2b12a3f9bf8646fe2a8b2f766fe2b8c48d3c2b48aa76ad
ea0bd505e3aaf0a9a70d04a254c5c812a7a3be9302bbb357fb5dcde5c77a5adc
eab839cf513a18a586b9781827f2399ab4dbe1e772ea852966712f1d132d1231
ee3a94394da6a061c63b8c4333b600ce2720480a2ab8a80b3df720b2294deaf5
ee564a0080a642f8dbe317a9596032900545837e52d20cb9aee450e6b8122293
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd75705e34e1d047532b6692e2fc9c6b4001ba866d31f375346ad1fa3ccc6469
fe215b4921e3640887b0cfc2c14641fecbd3c0540e44bc3c7cf829ac51bde775
fff09637c3bdbb4988240901f1ae70e3245cbc4ba4aff028fb1053c7064b0c6c