cpa.activityearbuds.com Open in urlscan Pro
45.55.121.131  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cpa.activityearbuds.com/	110 KB 37 KB	756ms 178ms	Document text/html	45.55.121.131 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.55.121.131 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Express Resource Hash 19014560ee65709bf907ea9b24de16d3738af37051178bbd3e28852524f1c6c1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * content-encoding gzip content-type text/html; charset=utf-8 date Sat, 12 Nov 2022 11:21:38 GMT etag W/"1b98f-A6Tz78ujPiAqRtIxIZG4q+HUaLs" server nginx vary Accept-Encoding x-powered-by Express
GET H2	200	libphonenumber-max.js Show response unpkg.com/libphonenumber-js@1.7.30/bundle/	193 KB 55 KB	57ms 29ms	Script application/javascript	2606:4700::6810:7eaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/libphonenumber-js@1.7.30/bundle/libphonenumber-max.js Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b35e0da2259324aa245a1259a3d4dae1853eaeb3d63aceb93a97e5000261deb8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 2039185 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01GFS0ERYQBRPXJ9QR0068SAF7-fra server cloudflare etag W/"3058d-yRrLdFhKJ3Ne06wdL1yftogD2vk" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 768ee2a3bcfa9bd6-FRA
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	45ms 17ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Raleway:400,700 Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c639475111ae9c7a6c89e022ab7a77eb6e9d82145e845dfba037b53650297288 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 12 Nov 2022 11:21:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 12 Nov 2022 09:42:35 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Nov 2022 11:21:39 GMT
GET H2	200	everflow.js Show response www.tb42trk.com/scripts/sdk/	58 KB 18 KB	609ms 117ms	Script text/javascript	34.102.156.27 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://www.tb42trk.com/scripts/sdk/everflow.js Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.156.27 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 27.156.102.34.bc.googleusercontent.com Software nginx / Resource Hash 8028ab462489c1ae7e31c5e4155e01733284cd005b2cf330a092f39791ee6ef1 Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-encoding gzip via 1.1 google server nginx vary Origin content-type text/javascript cache-control max-age=14400 x-eflow-request-id c04cf7a7-5172-4cfe-9e4b-f25e3c3fb7f0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	js Show response www.googletagmanager.com/gtag/	109 KB 43 KB	59ms 28ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-144760998-1 Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 749d92abec713d027826aedc1242a051965fe87f99dcb12593ae857aa2ec78c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43682 x-xss-protection 0 last-modified Sat, 12 Nov 2022 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 12 Nov 2022 11:21:39 GMT
GET H2	200	1596807188080logo.jpg cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	71 KB 71 KB	192ms 130ms	Image image/jpeg	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1596807188080logo.jpg Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 679c39bdef09a1c5a23e1b3461f5896060fbe28e32fa7f8c614aef25c8d4fa30 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sat, 12 Nov 2022 11:21:39 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyQs9%2BLhHflfELlmdyBM8lDldgzfErKcYfNQxvbPzOZK03lf%2B9MRyrNIwrZFtd2C4mPkq1lMGxrTQn4WTzN4IEnQWHL7bXRIqgzmxfprbdV0HZcJmvt1csTCNQYvwo2VE7woSzzFY2dGVU0zFL6sHTX86GJZAg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7da2cbb55-FRA
GET H2	200	1594148666894coolbackground.jpg cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	33 KB 34 KB	214ms 152ms	Image image/jpeg	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594148666894coolbackground.jpg Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 412119f7ff7490816ee913184eda0d756b6f8dd0ffad06194eff22c242aa15ed Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sat, 12 Nov 2022 11:21:39 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsUiQOa5KAh01MfO7K37VIrNK5Cz%2FtFUB%2BIF7i1wyETCduMLRO1Ris1ErV9W9imqSjMsE2y03EGlDcuXmQ2%2F%2FE14nlqgiPV8E6r35HJ3LTEur1ATdm%2F5PleYbfbeXqr2MK3D565a6DRQYsphMDOvZc7Z2tJ3UA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7da3abb55-FRA
GET H2	200	1594148528354withphone.jpg cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	43 KB 44 KB	184ms 122ms	Image image/jpeg	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594148528354withphone.jpg Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 2587b01db30d185b8f566dad0141a8dd9473c421391172a8fb390dcf42db2b1f Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sat, 12 Nov 2022 11:21:39 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NgCxROr1AC2ni0rffx1OZnkXHq5Oqigjm4Ch%2Bzd5QQnW614aG5ZPX6Ns0StI4Uu4iNYOcuL4e0%2BhT6rHW7YBS7c0s7Gkt%2BsOc%2Fu3edfDJjg8b2Sj%2BkWTmaXxQt7yvXCzo28CCJRXWzg1uL4cP1XySCzAoFc1g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7da2ebb55-FRA
GET H2	200	1594148672967noisebarrier.jpg cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	42 KB 42 KB	206ms 144ms	Image image/jpeg	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594148672967noisebarrier.jpg Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 65228ce15f9289d41192dbc17a569c2b5c3ad8fdebcff287959cb51df59fe6ad Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sat, 12 Nov 2022 06:58:00 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5ri8Y2ZDAEAFcb4RVLMPJJzSaP1AXHefFcDkBGfpfa2mvV6Qn91RqMprcP3A9lnWkVr1vl61jvqqA2a4T5gviQwmn3Qw4pS88d9AxiXHMslYQHw5yawnH5sqgxy9f1GOKGVTiFjMJbObYjFJPemApbHj93daQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7da30bb55-FRA
GET H2	200	1594149113633audiofinal.png cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	3 KB 3 KB	205ms 144ms	Image image/png	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594149113633audiofinal.png Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash c0fbec07aed2e2589b904d38fb81c35d7739e5d7507be2dc2f95419778d57572 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sat, 12 Nov 2022 11:21:39 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8wSmvij0rsDLBvLWFYzzcZ39RntrHM0Q8ZRYNuT38MS6qhEPuO3OjZ8QqtkTd9FYgYv1luDRagXUFvJcAXHP3HDtc%2Bvm%2BS0DQWqYytbjyBST9WWhD2Onss53lm7dy6eDYX8Cb%2BacGolTfVRLS0j7YXSYCz%2Fjw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7da31bb55-FRA
GET H2	200	1594149167390handsfreefinal.png cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	2 KB 2 KB	190ms 129ms	Image image/png	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594149167390handsfreefinal.png Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d69483422ce7e50710c124b5972cbad503a38210952581c330233954d88db1ec Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sat, 12 Nov 2022 11:21:39 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dI9IkXp4zY%2FOnCKNlMtH1P6kkrZ%2F6vwK6hKmDX17G9WV86ZVsenP4c44s30tHW3rA%2FkxEFvl49%2FYybADZTgLjKprViWn%2B9ziInX8YtCIcKmaKmXY2MwnwDz%2B6NWiPfb50zeexWI9p3CyvfkazAE69Ei%2B1%2Fqc2Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7da2fbb55-FRA
GET H2	200	1594149212792batteryfinal.png cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	1 KB 1 KB	145ms 144ms	Image image/png	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594149212792batteryfinal.png Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 4775f1d507a11ba44df10acc53269b936bb18dfd262ce3f8b65b9897a87a20d2 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sat, 12 Nov 2022 11:21:39 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BmI7iyejqwNgaKfo5134h4WpBJfDt%2FhVxnr188WcZa4y543gr068DcMxQcSd7%2FvnjtTNVYmdOl4vrIJIyyK08BwWdWdf08hraSDCUvXi92HyIISUz575MRHb9QUiw3P6YQD7KoVTkh2F1FTDjpKNWzSOXd9Ow%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7ea4dbb55-FRA
GET H2	200	1594152735606reviewblock1.jpg cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	235 KB 236 KB	135ms 135ms	Image image/jpeg	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594152735606reviewblock1.jpg Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash fce350909f9689ac770040bf3998f1484c82ca7a60ff38fb733d19f5779ff75b Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sat, 12 Nov 2022 11:21:39 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P57jHc8gciiSvQd%2BCgnrLDBTY%2FhoDGBUmwt4WnvPwAEyZfCb3km%2BfA%2B8zoFJ7Sq9pjppl4EEqrnZbgUBuZGVWye%2BOieGn0YTrJMewxmCYnz4%2FQ9OOQzGXjrhuenuGPNJmsFLQ2F75PF6zXdljCzv2CzsIuD1%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7ea4fbb55-FRA
GET H2	200	1594152744393reviewblock4.jpg cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	244 KB 244 KB	156ms 155ms	Image image/jpeg	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594152744393reviewblock4.jpg Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 3fabc12ef07bba92402635aa941343c44b924957b5254d8a9fe010d40ead4003 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sat, 12 Nov 2022 11:21:39 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FUNEJtLKHe9SXF9QxSYQLYEbBM5oHyteLP6tDow%2B%2FMhEpmIpW%2BJ%2FE2JM6VORl4WLqPk18SFZJC7rchT8ay2wWC7S1%2FEG5yUCaTFtyLtqWuWY2k7IDULxp7QHHv81h0OR%2BP5OCrv0gndxkkcyCsqRR%2FPxNZLnA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7ea52bb55-FRA
GET H2	200	1594152754646reviewblock3.jpg cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	244 KB 245 KB	202ms 201ms	Image image/jpeg	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594152754646reviewblock3.jpg Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 7442d7451b47a294b3291fa5f46b4c9a34ec2f0b82ea42f57db984aef9140da1 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sat, 12 Nov 2022 11:21:39 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3EYmm4mA6LUBAXVQFmvbpnJWpzDZ06yFjYNoDe23m9P5E%2F1imXFagsdllAvp9FEuuZdFeLLh4nokwmTQawwWzikFB%2BGFu%2BGdMIpS4Y8qnyB0zNqIbQXEOE769ffteiMDR7crYgsAI9tnbEflMToBLq%2F8Q2Hgw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7ea55bb55-FRA
GET H2	200	1594152763017reviewblock2.jpg cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	244 KB 245 KB	164ms 163ms	Image image/jpeg	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594152763017reviewblock2.jpg Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash f692613884f0acdac485bc9e6de9fb612ab6c5aa931e2d2809013dabbc6c1e6a Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sat, 12 Nov 2022 11:21:39 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FplbTZpIJ2pLwWTorm4q7r2kr5kOekwU5U46%2Bubv7UpNs%2FKt3Oy8MX5gPmtts%2BS6rn5ncfjvP%2FItQz911rs9%2BTOq81llxS9M81pXlORA%2BO%2BWMm1o4kG%2BXv84iYTMbi73UFlY9CjyzJkMdnsRWgw7CXuPQcOHnA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7ea56bb55-FRA
GET H2	200	1594152769648reviewblock6.jpg cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	233 KB 234 KB	144ms 144ms	Image image/jpeg	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594152769648reviewblock6.jpg Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 013b86be6bca984f8db39a991a1006934f78f742823690f1ca0e3c2f0401529e Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sat, 12 Nov 2022 11:21:39 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltpFqN90NbW08tBGWZLtm01I2nNM4PxHvaWzqzCeXZTJu0ObwdORUSdn1G1sYcwE5oJg2e1SqhGzRmP%2BAdI7haoULxzwZLjXQXUUbOksOrcHQGzh7kDbf8roU%2FxYJidi3UWljYeYwN%2F96a4mc1Eb66oC0FEiuQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7ea59bb55-FRA
GET H2	200	1594152777822reviewblock5.jpg cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	298 KB 299 KB	165ms 165ms	Image image/jpeg	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594152777822reviewblock5.jpg Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 1562134bcb43b351e4d55e8942ed1155787cc9ef45c79a585cfdbfce934ed28c Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sat, 12 Nov 2022 11:21:39 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQ68tFdVbS%2BLfB9e9a55YV65ff8kPQLMHhusCIIsxJWdixnrlXeCyLzpTDhlvJDBpbkpMrfB%2BsyqNEzUc8IRUaCh6mx5WPQr%2F6MIfAR1h%2FxJok03l2%2BtXHQTb2yQzM6gLWj8TMRfMjZsjn81QeNS64TTZbberw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7ea5bbb55-FRA
GET H2	200	css2 fonts.googleapis.com/	10 KB 742 B	17ms 17ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700&display=swap Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e8e757bf3950349d716928b1b3729d44f5c45084cb072930f83ca80e84b5f071 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 12 Nov 2022 11:21:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 12 Nov 2022 11:14:48 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Nov 2022 11:21:39 GMT
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	1124ms 866ms	Script application/javascript	2001:4de0:ac18::1:a:1a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer https://cpa.activityearbuds.com/ Origin https://cpa.activityearbuds.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-encoding gzip last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-15d84" vary Accept-Encoding x-hw 1668252099.dop097.fr8.t,1668252099.cds146.fr8.hn,1668252099.cds280.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30879
GET H2	200	plg.min.js Show response stats.productlistgenie.io/	36 KB 13 KB	321ms 130ms	Script application/javascript	2606:4700:3034::ac43:d9dc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stats.productlistgenie.io/plg.min.js?123 Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:d9dc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d66946970c026c563550bcba8b8c863b1b8d4b1068aa870d3b407900434adfe0 Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:40 GMT content-encoding br cf-cache-status EXPIRED last-modified Sat, 06 Nov 2021 19:36:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"8efb-17cf6c0dc60" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXxiSHUCILyNqfiAk%2BihpKG1QBxqa1IXLiD0tXCx%2F2XpuDG1vBGHu091bTcRra%2FCbnwvpBPBCNVmG9%2Bg3QVhkG%2FE8WPpgNjSk%2FYCQ47zM3TCcOSHc5zoeBgDGXiFntPhJLTQJ%2BX9jRX%2FcglDlZ%2FqpPbFYlCLimvJ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 768ee2a8a9399a0c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	1594219570380darkend2700.jpg cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	2 MB 2 MB	186ms 134ms	Image image/jpeg	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594219570380darkend2700.jpg Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash b566114e68479368ca15f87b0d7da36a110c719e45b6cbf13eb57c380a1bd151 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 11 Nov 2022 08:43:10 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kC1Cz1jA54n2y1MIbLMC9tMzauqxz3nXBD8ZeyFa4Y719jwVPhO6U%2BnEv1fdOhV%2BiwZcboeUMKMTzcT9ORt7vauaDOFqPg6K6%2FP3wIxTEzIxjVJbeiy800bSwKCxI3Taa1W6khpoTl1RIUy5PP68M%2FpGjw7WnA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7da25bb55-FRA
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v25/	30 KB 31 KB	46ms 8ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cpa.activityearbuds.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 08 Nov 2022 16:06:09 GMT x-content-type-options nosniff age 328530 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30928 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:57:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 08 Nov 2023 16:06:09 GMT
GET H2	200	1594151370949happywomangradient.jpg cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/	125 KB 125 KB	145ms 145ms	Image image/jpeg	2606:4700:20::681a:2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1594151370949happywomangradient.jpg Requested by Host: cpa.activityearbuds.com URL: https://cpa.activityearbuds.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash be0a8cc4bd539c05af4c3b8b60d50b26a163c45ba7d8d1509164e3e1aadf4793 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-security-policy default-src * data: 'unsafe-eval' 'unsafe-inline' x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 11 Nov 2022 08:43:10 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7d7QmAoLK7lQODOVaVxzcbpqJcgjmDM8L82dHGCop8YJQql%2B0idC0iDmzGYPsXLi%2FYSOouQZWWeeiz1WafV30sWpS8C0pWkcaiJo416MJ%2BSnt8zWLTZkJBXD2mOLTijKF%2FMx50Ys3zRJr58mVyB7JJL%2FBdjHQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=16070400 cf-ray 768ee2a7ea5ebb55-FRA
GET H3	200	js Show response www.googletagmanager.com/gtag/	109 KB 43 KB	63ms 32ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-145097719-1&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-144760998-1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ab08b3a3869966fbe79576998cc1bf4b95499a533d573d9445a171ce79ef536c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43770 x-xss-protection 0 last-modified Sat, 12 Nov 2022 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 12 Nov 2022 11:21:39 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	49ms 9ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-145097719-1&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 12 Nov 2022 11:15:54 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 345 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Sat, 12 Nov 2022 13:15:54 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	35ms 17ms	XHR text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1685416517&t=pageview&_s=1&dl=https%3A%2F%2Fcpa.activityearbuds.com%2F&ul=en-us&de=UTF-8&dt=Activity%20Earbuds%20Cpa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=89263510&gjid=2119648062&cid=1734759931.1668252100&tid=UA-145097719-1&_gid=538953801.1668252100&_r=1&gtm=2oub90&z=615105849 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://cpa.activityearbuds.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 12 Nov 2022 11:21:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cpa.activityearbuds.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	1Ptug8zYS_SKggPNyC0ITw.woff2 fonts.gstatic.com/s/raleway/v28/	45 KB 45 KB	30ms 9ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Raleway:400,700 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cpa.activityearbuds.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 22:05:34 GMT x-content-type-options nosniff age 134166 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46524 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:58:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 10 Nov 2023 22:05:34 GMT
GET H2	200	eyJndHlwZSI6InBhZ2VkYXRhIiwicGF5bG9hZCI6eyJiZWhhdmlvclBhZ2VJRCI6ImYyMjZhNmRjMWQzNzViN2IwNTIwMGIwMjY3Zjk1M2Y1NWYzYWNhMDhjYmE1MTcxZDA2NzQ4NWFiIiwicGFnZVR5cGUiOiJwYWdlIiwic2Vzc2lvbklEIjoiZjIyNmE2ZGMxZ... Show response stats.productlistgenie.io/data/	2 B 522 B	151ms 110ms	Fetch text/plain	2606:4700:3034::ac43:d9dc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stats.productlistgenie.io/data/eyJndHlwZSI6InBhZ2VkYXRhIiwicGF5bG9hZCI6eyJiZWhhdmlvclBhZ2VJRCI6ImYyMjZhNmRjMWQzNzViN2IwNTIwMGIwMjY3Zjk1M2Y1NWYzYWNhMDhjYmE1MTcxZDA2NzQ4NWFiIiwicGFnZVR5cGUiOiJwYWdlIiwic2Vzc2lvbklEIjoiZjIyNmE2ZGMxZDM3NWI3YjA1MjAwYjAyNjdmOTUzZjUiLCJjcmVhdG9ySUQiOiJVMkZzZEdWa1gxK1lFL2tmV3l2V2Z0NkZXaEl4Tmw3clJ1eW1mQ25xN09BbFJwM2dmdFFVVlphNUt3amN1cGtSIiwicGFnZUlEIjoiNWYzYWNhMDhjYmE1MTcxZDA2NzQ4NWFiIiwiZnVubmVsSUQiOiI1ZjNhY2EwOGNiYTUxNzFkMDY3NDg1YTAiLCJkZXZpY2UiOiJkZXNrdG9wIiwicGFnZVVSTCI6Imh0dHBzOi8vY3BhLmFjdGl2aXR5ZWFyYnVkcy5jb20vIn19 Requested by Host: stats.productlistgenie.io URL: https://stats.productlistgenie.io/plg.min.js?123 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:d9dc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept-language de-DE,de;q=0.9 Referer https://cpa.activityearbuds.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sat, 12 Nov 2022 11:21:41 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bt%2Fpk70PdSCMvsCqCDXLUV2CBqrms33nM6IwsFOlCubQeRMwymQUSpyzlUPSmcP4Xs57JXzvbDkOKInEmfcPFMJAVZDUuQ9qRJWu%2FL9hPRMZ4PefheO4eXsBJzw85NILusih94PZHmyGMvkwpY0fTTzXbyXF0Vw1"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * cf-ray 768ee2b22a9a9b76-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| EF function| gtag object| dataLayer boolean| isMobile undefined| header undefined| sticky undefined| stickyFunction object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| modalContainer object| closeButton function| RecordPrepopValue string| sessionID object| urlParams function| PLGSession function| send undefined| isScrolledIntoViews object| libphonenumber

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cpa.activityearbuds.com/	1969-12-31 23:59:59	Name: loc_iso2 Value: DE
			cpa.activityearbuds.com/	1969-12-31 23:59:59	Name: loc_iso3 Value: DEU
			cpa.activityearbuds.com/	1969-12-31 23:59:59	Name: client Value: 81.95.5.43
			.activityearbuds.com/	1970-01-20 17:00:12	Name: _ga Value: GA1.2.1734759931.1668252100
			.activityearbuds.com/	1970-01-20 07:25:38	Name: _gid Value: GA1.2.538953801.1668252100
			.activityearbuds.com/	1970-01-20 07:24:12	Name: _gat_gtag_UA_145097719_1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.productlistgenie.com
code.jquery.com
cpa.activityearbuds.com
fonts.googleapis.com
fonts.gstatic.com
stats.productlistgenie.io
unpkg.com
www.google-analytics.com
www.googletagmanager.com
www.tb42trk.com
2001:4de0:ac18::1:a:1a
2606:4700:20::681a:2b
2606:4700:3034::ac43:d9dc
2606:4700::6810:7eaf
2a00:1450:4001:802::2003
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:809::200a
34.102.156.27
45.55.121.131
013b86be6bca984f8db39a991a1006934f78f742823690f1ca0e3c2f0401529e
1562134bcb43b351e4d55e8942ed1155787cc9ef45c79a585cfdbfce934ed28c
19014560ee65709bf907ea9b24de16d3738af37051178bbd3e28852524f1c6c1
2587b01db30d185b8f566dad0141a8dd9473c421391172a8fb390dcf42db2b1f
3fabc12ef07bba92402635aa941343c44b924957b5254d8a9fe010d40ead4003
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
412119f7ff7490816ee913184eda0d756b6f8dd0ffad06194eff22c242aa15ed
4775f1d507a11ba44df10acc53269b936bb18dfd262ce3f8b65b9897a87a20d2
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
65228ce15f9289d41192dbc17a569c2b5c3ad8fdebcff287959cb51df59fe6ad
679c39bdef09a1c5a23e1b3461f5896060fbe28e32fa7f8c614aef25c8d4fa30
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7442d7451b47a294b3291fa5f46b4c9a34ec2f0b82ea42f57db984aef9140da1
749d92abec713d027826aedc1242a051965fe87f99dcb12593ae857aa2ec78c9
8028ab462489c1ae7e31c5e4155e01733284cd005b2cf330a092f39791ee6ef1
ab08b3a3869966fbe79576998cc1bf4b95499a533d573d9445a171ce79ef536c
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b35e0da2259324aa245a1259a3d4dae1853eaeb3d63aceb93a97e5000261deb8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b566114e68479368ca15f87b0d7da36a110c719e45b6cbf13eb57c380a1bd151
be0a8cc4bd539c05af4c3b8b60d50b26a163c45ba7d8d1509164e3e1aadf4793
c0fbec07aed2e2589b904d38fb81c35d7739e5d7507be2dc2f95419778d57572
c639475111ae9c7a6c89e022ab7a77eb6e9d82145e845dfba037b53650297288
d66946970c026c563550bcba8b8c863b1b8d4b1068aa870d3b407900434adfe0
d69483422ce7e50710c124b5972cbad503a38210952581c330233954d88db1ec
e8e757bf3950349d716928b1b3729d44f5c45084cb072930f83ca80e84b5f071
f692613884f0acdac485bc9e6de9fb612ab6c5aa931e2d2809013dabbc6c1e6a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fce350909f9689ac770040bf3998f1484c82ca7a60ff38fb733d19f5779ff75b