urlscan.io logo urlscan.io
SecurityTrails logo

down-to-earth.co.uk Open in urlscan Pro
141.193.213.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Effective URL: https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Submission: On March 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 6 domains to perform 26 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is down-to-earth.co.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 1st 2023. Valid for: a year.
This is the only time down-to-earth.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 141.193.213.10 209242 (CLOUDFLAR...)
11 141.193.213.11 209242 (CLOUDFLAR...)
4 4 109.61.86.193 60068 (CDN77 _)
1 142.251.40.170 15169 (GOOGLE)
3 216.239.32.178 15169 (GOOGLE)
1 142.250.176.200 15169 (GOOGLE)
10 142.251.40.131 15169 (GOOGLE)
26 5
1    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
down-to-earth.co.uk
11    141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
down-to-earth.co.uk
4    109.61.86.193 (Boston, United States)

ASN60068 (CDN77 _, GB)
PTR: 109-61-86-193.bunnyinfra.net
sp-ao.shortpixel.ai
1    142.251.40.170 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f10.1e100.net
fonts.googleapis.com
3    216.239.32.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.176.200 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f8.1e100.net
www.googletagmanager.com
10    142.251.40.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
12 down-to-earth.co.uk
down-to-earth.co.uk
290 KB
10 gstatic.com
fonts.gstatic.com
231 KB
4 shortpixel.ai
sp-ao.shortpixel.ai — Cisco Umbrella Rank: 27525
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
83 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
26 6
Domain Requested by
12 down-to-earth.co.uk 1 redirects down-to-earth.co.uk
10 fonts.gstatic.com fonts.googleapis.com
4 sp-ao.shortpixel.ai 4 redirects
3 www.google-analytics.com down-to-earth.co.uk
www.google-analytics.com
www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 fonts.googleapis.com down-to-earth.co.uk
26 6

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
dexterous-designs.co.uk
Subject Issuer Validity Valid
down-to-earth.co.uk
Cloudflare Inc ECC CA-3		 2023-10-01 -
2024-09-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Frame ID: B670520F3710C684DD27B8B1580088E1
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found - Down to Earth

Page URL History Show full URLs

  1. http://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396 HTTP 301
    https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • jquery\.flexslider(?:\.min)?\.js$
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

85 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

1
Countries

626 kB
Transfer

1893 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396 HTTP 301
    https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_314,h_48/https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg HTTP 302
  • https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
Request Chain 5
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg HTTP 302
  • https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
Request Chain 6
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://down-to-earth.co.uk/wp-content/plugins/email-subscribers/lite/public/images/spinner.gif HTTP 302
  • https://down-to-earth.co.uk/wp-content/plugins/email-subscribers/lite/public/images/spinner.gif
Request Chain 9
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg HTTP 302
  • https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0.3599803468105396
down-to-earth.co.uk/travel/great-brazilian-plants/
Redirect Chain
  • http://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
  • https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
33 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
d41b8138cf926774ce1041cd70eaafffa7ab1c5fa4f1260d690bcf52511530f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
863f9af9f9520fe7-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 13 Mar 2024 22:54:22 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://down-to-earth.co.uk/wp-json/>; rel="https://api.w.org/"
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
863f9af6cf3e7ed8-LAX
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Wed, 13 Mar 2024 22:54:21 GMT
Location
https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Server
cloudflare
alt-svc
h3=":443"; ma=86400
autoptimize_0038ec150f51279eff9ec1545915e085.css
down-to-earth.co.uk/wp-content/cache/autoptimize/css/ 		749 KB
113 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://down-to-earth.co.uk/wp-content/cache/autoptimize/css/autoptimize_0038ec150f51279eff9ec1545915e085.css
Requested by
Host: down-to-earth.co.uk
URL: https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
949c6007f646293aff78d2939bc1dd45dc6d90aa95fcedfb32964f352d9ed72a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:54:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 28 Feb 2024 15:57:57 GMT
server
cloudflare
etag
W/"65df5805-bb4ad"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
863f9afe3f130fe7-LAX
alt-svc
h3=":443"; ma=86400
autoptimize_single_85091db3c3d16f364ded561d27a2d02b.css
down-to-earth.co.uk/wp-content/cache/autoptimize/css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://down-to-earth.co.uk/wp-content/cache/autoptimize/css/autoptimize_single_85091db3c3d16f364ded561d27a2d02b.css?ver=1710241193
Requested by
Host: down-to-earth.co.uk
URL: https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c427895d0937c0e81d7a6c47c2c488cf6f1fd006f29f2bf27041de5c00a24562

Request headers

accept-language
en-US,en;q=0.9
Referer
https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:54:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 07:44:20 GMT
server
cloudflare
etag
W/"64e46754-8c6f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
863f9afe3f160fe7-LAX
alt-svc
h3=":443"; ma=86400
autoptimize_single_bcf9be088a972a25eb7587b15a8f6c1f.js
down-to-earth.co.uk/wp-content/cache/autoptimize/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://down-to-earth.co.uk/wp-content/cache/autoptimize/js/autoptimize_single_bcf9be088a972a25eb7587b15a8f6c1f.js?ver=6.4.3
Requested by
Host: down-to-earth.co.uk
URL: https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b27207a9be07f277536f75bcc995a0921d86c9895bdd2d5f17f3e16ee192e50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:54:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 07:44:20 GMT
server
cloudflare
etag
W/"64e46754-3082"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
863f9afe3f170fe7-LAX
alt-svc
h3=":443"; ma=86400
jquery.min.js
down-to-earth.co.uk/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://down-to-earth.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: down-to-earth.co.uk
URL: https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:54:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
cloudflare
etag
W/"64ecd5ef-15601"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
863f9afe3f180fe7-LAX
alt-svc
h3=":443"; ma=86400
down-to-earth-logo-2.jpg
down-to-earth.co.uk/wp-content/uploads/2018/08/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_314,h_48/https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
  • https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
Requested by
Host: down-to-earth.co.uk
URL: https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Protocol
H3
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
08ffb73ce64ef5c577c5b0a864a066a1455b1330aa193566ced1eebb9c89ad14

Request headers

accept-language
en-US,en;q=0.9
Referer
https://down-to-earth.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:54:23 GMT
cf-cache-status
HIT
age
0
cf-polished
origSize=4067
alt-svc
h3=":443"; ma=86400
content-length
4016
cf-bgj
imgq:100,h2pri
last-modified
Tue, 24 May 2022 00:24:49 GMT
server
cloudflare
etag
"628c25d1-fe3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
863f9b00f8032b58-LAX

Redirect headers

date
Wed, 13 Mar 2024 22:54:22 GMT
cdn-edgestorageid
1163
xtag-sp-ver
2-ns61
cdn-cachedat
03/13/2024 20:52:01
cdn-pullzone
257218
cdn-tag
0; Domain: down-to-earth.co.uk; 302
content-length
0
pragma
cache
server
BunnyCDN-BO1-1163
cdn-proxyver
1.04
cdn-requestpullcode
302
content-type
text/html; charset=UTF-8
location
https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
access-control-allow-origin
*
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-cache
HIT
cdn-requestid
dfc38e5b52beea021c415a2bc892d06b
x-robots-tag
noindex
link
<https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg>; rel="canonical"
cdn-requestcountrycode
US
cdn-status
302
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess
True
down-to-earth-logo-2.jpg
down-to-earth.co.uk/wp-content/uploads/2018/08/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
  • https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
Requested by
Host: down-to-earth.co.uk
URL: https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Protocol
H3
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdb3b772d215906d9642e9ef605903269a01d41f2f0e9099533db3835efe45fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://down-to-earth.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:54:23 GMT
cf-cache-status
MISS
last-modified
Tue, 24 May 2022 00:24:49 GMT
server
cloudflare
etag
"628c25d1-fe3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
863f9b00fff52b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
4067

Redirect headers

date
Wed, 13 Mar 2024 22:54:22 GMT
cdn-edgestorageid
1163
xtag-sp-ver
2-ns61
cdn-cachedat
03/13/2024 20:52:01
cdn-pullzone
257218
cdn-tag
0; Domain: down-to-earth.co.uk; 302
content-length
0
pragma
cache
server
BunnyCDN-BO1-1163
cdn-proxyver
1.04
cdn-requestpullcode
302
content-type
text/html; charset=UTF-8
location
https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
access-control-allow-origin
*
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-cache
HIT
cdn-requestid
e4fafdf6c1ff1e3560b90a5257d7b395
x-robots-tag
noindex
link
<https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg>; rel="canonical"
cdn-requestcountrycode
US
cdn-status
302
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess
True
spinner.gif
down-to-earth.co.uk/wp-content/plugins/email-subscribers/lite/public/images/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://down-to-earth.co.uk/wp-content/plugins/email-subscribers/lite/public/images/spinner.gif
  • https://down-to-earth.co.uk/wp-content/plugins/email-subscribers/lite/public/images/spinner.gif
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://down-to-earth.co.uk/wp-content/plugins/email-subscribers/lite/public/images/spinner.gif
Requested by
Host: down-to-earth.co.uk
URL: https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Protocol
H3
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7837e876f1eef549b3250b78380ec2df00ad6da4da6c27667424b1636854df3c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://down-to-earth.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:54:24 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Mar 2024 13:10:16 GMT
server
cloudflare
etag
"65e86b38-c88"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
863f9b05eeef2b58-LAX
alt-svc
h3=":443"; ma=86400
content-length
3208

Redirect headers

date
Wed, 13 Mar 2024 22:54:23 GMT
cdn-edgestorageid
1163
xtag-sp-ver
2-ns62
cdn-cachedat
03/13/2024 20:52:02
cdn-pullzone
257218
cdn-tag
0; Domain: down-to-earth.co.uk; 302
content-length
0
pragma
cache
server
BunnyCDN-BO1-1163
cdn-proxyver
1.04
cdn-requestpullcode
302
content-type
text/html; charset=UTF-8
location
https://down-to-earth.co.uk/wp-content/plugins/email-subscribers/lite/public/images/spinner.gif
access-control-allow-origin
*
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-cache
HIT
cdn-requestid
f6bbaa7f0f109818cc154b7bb1cf4b4c
x-robots-tag
noindex
link
<https://down-to-earth.co.uk/wp-content/plugins/email-subscribers/lite/public/images/spinner.gif>; rel="canonical"
cdn-requestcountrycode
US
cdn-status
302
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess
True
autoptimize_1b16b3978b1a61c34d5865230b3ee89d.js
down-to-earth.co.uk/wp-content/cache/autoptimize/js/ 		399 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://down-to-earth.co.uk/wp-content/cache/autoptimize/js/autoptimize_1b16b3978b1a61c34d5865230b3ee89d.js
Requested by
Host: down-to-earth.co.uk
URL: https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa617a14c7f535fe0b7a20499e3baa11731eec60856343861341f2f14f6af7c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:54:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 28 Feb 2024 16:29:47 GMT
server
cloudflare
etag
W/"65df5f7b-63b78"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
863f9b04dd932b58-LAX
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		32 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900
Requested by
Host: down-to-earth.co.uk
URL: https://down-to-earth.co.uk/wp-content/cache/autoptimize/js/autoptimize_single_bcf9be088a972a25eb7587b15a8f6c1f.js?ver=6.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.170 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
ESF /
Resource Hash
ac4df6289a671e45ae545fb68c83e52c777367696b2f5dab58170249fdd90e36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://down-to-earth.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Mar 2024 22:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Mar 2024 22:54:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Mar 2024 22:54:23 GMT
down-to-earth-logo-2.jpg
down-to-earth.co.uk/wp-content/uploads/2018/08/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
  • https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
Requested by
Host: down-to-earth.co.uk
URL: https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Protocol
H3
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
08ffb73ce64ef5c577c5b0a864a066a1455b1330aa193566ced1eebb9c89ad14

Request headers

accept-language
en-US,en;q=0.9
Referer
https://down-to-earth.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:54:23 GMT
cf-cache-status
HIT
age
0
cf-polished
origSize=4067
alt-svc
h3=":443"; ma=86400
content-length
4016
cf-bgj
imgq:100,h2pri
last-modified
Tue, 24 May 2022 00:24:49 GMT
server
cloudflare
etag
"628c25d1-fe3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
863f9b05ff022b58-LAX

Redirect headers

date
Wed, 13 Mar 2024 22:54:23 GMT
cdn-edgestorageid
1163
xtag-sp-ver
2-ns61
cdn-cachedat
03/13/2024 20:52:01
cdn-pullzone
257218
cdn-tag
0; Domain: down-to-earth.co.uk; 302
content-length
0
pragma
cache
server
BunnyCDN-BO1-1163
cdn-proxyver
1.04
cdn-requestpullcode
302
content-type
text/html; charset=UTF-8
location
https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg
access-control-allow-origin
*
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-cache
HIT
cdn-requestid
c4e942337c0b9257852dbfe30c379ec7
x-robots-tag
noindex
link
<https://down-to-earth.co.uk/wp-content/uploads/2018/08/down-to-earth-logo-2.jpg>; rel="canonical"
cdn-requestcountrycode
US
cdn-status
302
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: down-to-earth.co.uk
URL: https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://down-to-earth.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 13 Mar 2024 21:55:40 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3523
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 13 Mar 2024 23:55:40 GMT
collect
www.google-analytics.com/j/ 		15 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=423116999&t=pageview&_s=1&dl=https%3A%2F%2Fdown-to-earth.co.uk%2Ftravel%2Fgreat-brazilian-plants%2F0.3599803468105396&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Down%20to%20Earth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1035122710&gjid=568001034&cid=1511913840.1710370464&tid=UA-144047257-1&_gid=549239584.1710370464&_r=1&_slc=1&z=764306837
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6856b3af6e3b04ce2f544ed4c699551d2b5583a99e9d60c65e7b0ac556a8fcb7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://down-to-earth.co.uk/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 22:54:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://down-to-earth.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LZNDXDYQPN&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6bbbc463b1fa9f82697afff51577a8569eb652e57828d1c0f357e69cd920cd4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://down-to-earth.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:54:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84556
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Mar 2024 22:54:25 GMT
2-c79IRs1JiJN1FRAMjTN5zd9vgsFHXwcjfj9w.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweathersans/v26/2-c79IRs1JiJN1FRAMjTN5zd9vgsFHXwcjfj9w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
2736d55a4da2c1d7e1cec02b86d6432aabe15a41f5f86803b5fa5fbe3cae8a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://down-to-earth.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 20:48:44 GMT
x-content-type-options
nosniff
age
7541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37848
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:30:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 20:48:44 GMT
2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweathersans/v26/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://down-to-earth.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:01:53 GMT
x-content-type-options
nosniff
age
6752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38268
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:13:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 21:01:53 GMT
u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://down-to-earth.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:11:31 GMT
x-content-type-options
nosniff
age
6174
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19720
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:47:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 21:11:31 GMT
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://down-to-earth.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 20:55:59 GMT
x-content-type-options
nosniff
age
7106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19780
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 20:55:59 GMT
u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://down-to-earth.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 08:52:46 GMT
x-content-type-options
nosniff
age
50499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19900
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 08:52:46 GMT
u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://down-to-earth.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 20:53:00 GMT
x-content-type-options
nosniff
age
7285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19844
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 20:53:00 GMT
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://down-to-earth.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 09:00:17 GMT
x-content-type-options
nosniff
age
50048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19752
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 09:00:17 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://down-to-earth.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 06:52:24 GMT
x-content-type-options
nosniff
age
576121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Mar 2025 06:52:24 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://down-to-earth.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 09:00:30 GMT
x-content-type-options
nosniff
age
50035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 09:00:30 GMT
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900%7CMerriweather+Sans:100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://down-to-earth.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 20:43:46 GMT
x-content-type-options
nosniff
age
7839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19816
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:08:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 20:43:46 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-LZNDXDYQPN&gtm=45je43b0v9112212357za200&_p=1710370463932&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=1511913840.1710370464&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fdown-to-earth.co.uk%2Ftravel%2Fgreat-brazilian-plants%2F0.3599803468105396&dt=Page%20not%20found%20-%20Down%20to%20Earth&sid=1710370465&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4968
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZNDXDYQPN&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://down-to-earth.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 22:54:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://down-to-earth.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.flexslider.js
down-to-earth.co.uk/wp-content/themes/jupiter/assets/js/plugins/async/min/ 		22 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://down-to-earth.co.uk/wp-content/themes/jupiter/assets/js/plugins/async/min/jquery.flexslider.js
Requested by
Host: down-to-earth.co.uk
URL: https://down-to-earth.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f449ac138905f9cc7902e7d2822364a8032ee512441e4eaa3ca570a651fa6313

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:54:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 31 Aug 2023 12:34:29 GMT
server
cloudflare
etag
W/"64f088d5-56b4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
863f9b14dd562b58-LAX
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| ajaxurl undefined| mk_header_parallax undefined| mk_banner_parallax undefined| mk_page_parallax undefined| mk_footer_parallax undefined| mk_body_parallax string| mk_images_dir string| mk_theme_js_path string| mk_theme_dir string| mk_captcha_placeholder string| mk_captcha_invalid_txt string| mk_captcha_correct_txt number| mk_responsive_nav_width string| mk_vertical_header_back string| mk_vertical_header_anim boolean| mk_check_rtl number| mk_grid_width string| mk_ajax_search_option string| mk_preloader_bg_color string| mk_accent_color string| mk_go_to_top string| mk_smooth_scroll string| mk_show_background_video string| mk_preloader_bar_color string| mk_preloader_logo object| abb object| php object| PHP string| mk_typekit_id object| mk_google_fonts boolean| mk_global_lazyload object| WebFont object| WebFontConfig undefined| $ function| jQuery boolean| isTest string| sbiajaxurl object| es_data object| jupiterDonutVars string| GoogleAnalyticsObject function| ga object| get object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| MK function| ResizeSensor function| ElementQueries function| addResizeListener function| removeResizeListener object| html5 object| Placeholders object| Modernizr function| ajaxInit function| ajaxDelayedInit function| debounce function| EvEmitter function| imagesLoaded object| $allLayers object| $allImages object| google_tag_manager

5 Cookies

Domain/Path Name / Value
.down-to-earth.co.uk/ Name: __cf_bm
Value: H0pCH8sgsZS6Wf8X9du.htZOso0BPnE2HT6uZxATPIg-1710370462-1.0.1.1-9a5UGuw2b_ocDNSHJR1L1nKLNXZJjd34w.oBjv3fdPqiW6_bl_eivIrDmJyc_TLRklNSft3wSZRGsGV9vFB3_Q
.down-to-earth.co.uk/ Name: _ga
Value: GA1.3.1511913840.1710370464
.down-to-earth.co.uk/ Name: _gid
Value: GA1.3.549239584.1710370464
.down-to-earth.co.uk/ Name: _gat
Value: 1
.down-to-earth.co.uk/ Name: _ga_LZNDXDYQPN
Value: GS1.3.1710370465.1.0.1710370465.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://down-to-earth.co.uk/travel/great-brazilian-plants/0.3599803468105396
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

down-to-earth.co.uk
fonts.googleapis.com
fonts.gstatic.com
sp-ao.shortpixel.ai
www.google-analytics.com
www.googletagmanager.com
109.61.86.193
141.193.213.10
141.193.213.11
142.250.176.200
142.251.40.131
142.251.40.170
216.239.32.178
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
08ffb73ce64ef5c577c5b0a864a066a1455b1330aa193566ced1eebb9c89ad14
2736d55a4da2c1d7e1cec02b86d6432aabe15a41f5f86803b5fa5fbe3cae8a64
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
6856b3af6e3b04ce2f544ed4c699551d2b5583a99e9d60c65e7b0ac556a8fcb7
6b27207a9be07f277536f75bcc995a0921d86c9895bdd2d5f17f3e16ee192e50
6bbbc463b1fa9f82697afff51577a8569eb652e57828d1c0f357e69cd920cd4d
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
7837e876f1eef549b3250b78380ec2df00ad6da4da6c27667424b1636854df3c
949c6007f646293aff78d2939bc1dd45dc6d90aa95fcedfb32964f352d9ed72a
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
aa617a14c7f535fe0b7a20499e3baa11731eec60856343861341f2f14f6af7c8
ac4df6289a671e45ae545fb68c83e52c777367696b2f5dab58170249fdd90e36
c427895d0937c0e81d7a6c47c2c488cf6f1fd006f29f2bf27041de5c00a24562
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d41b8138cf926774ce1041cd70eaafffa7ab1c5fa4f1260d690bcf52511530f2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f449ac138905f9cc7902e7d2822364a8032ee512441e4eaa3ca570a651fa6313
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
fdb3b772d215906d9642e9ef605903269a01d41f2f0e9099533db3835efe45fe