act.ewg.org Open in urlscan Pro
45.60.33.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.everyaction.com/k/39576543/320446579/-1375064231?sourceid=1020345
Effective URL:
https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Submission: On December 13 via api (December 13th 2021, 1:44:50 pm UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 21 domains to perform 70 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is act.ewg.org.
TLS certificate: Issued by SSL.com RSA SSL subCA on July 23rd 2021. Valid for: a year.

This is the only time act.ewg.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:452d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.239.157.138 52.239.157.138	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2600:9000:206... 2600:9000:206f:c000:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
1	65.9.68.93 65.9.68.93	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
14	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2606:4700::68... 2606:4700::6810:50a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.236.186.217 52.236.186.217	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
70	22

13 45.60.33.183 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

click.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
act.ewg.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:452d (United States)

ASN13335 (CLOUDFLARENET, US)

c.shpg.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.239.157.138 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:206f:c000:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.68.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-93.fra56.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:50a5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

1071783566.privacysandbox.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.236.186.217 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	google-analytics.com www.google-analytics.com	75 KB
5	lightboxcdn.com www.lightboxcdn.com	152 KB
5	cloudfront.net d3rse9xjbp8270.cloudfront.net	375 KB
5	windows.net nvlupin.blob.core.windows.net	531 KB
5	ewg.org act.ewg.org	28 KB
4	facebook.com www.facebook.com	562 B
4	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
4	ngpvan.com profile.ngpvan.com fastaction.ngpvan.com secure.ngpvan.com	4 KB
4	everyaction.com 1 redirects click.everyaction.com secure.everyaction.com	9 KB
3	facebook.net connect.facebook.net	200 KB
3	bing.com bat.bing.com	11 KB
3	googleadservices.com www.googleadservices.com 1071783566.privacysandbox.googleadservices.com	16 KB
3	googletagmanager.com www.googletagmanager.com	158 KB
2	visualstudio.com dc.services.visualstudio.com	306 B
2	google.de www.google.de	612 B
2	google.com 1 redirects www.google.com	572 B
1	azurewebsites.net lightboxapi.azurewebsites.net	584 B
1	msecnd.net az416426.vo.msecnd.net	40 KB
1	verygoodvault.com js.verygoodvault.com	24 KB
1	shpg.org c.shpg.org	7 KB
1	googleapis.com ajax.googleapis.com	30 KB
70	21

	Domain	Requested by
14	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com act.ewg.org az416426.vo.msecnd.net
5	www.lightboxcdn.com	act.ewg.org www.lightboxcdn.com
5	d3rse9xjbp8270.cloudfront.net	act.ewg.org d3rse9xjbp8270.cloudfront.net
5	nvlupin.blob.core.windows.net	act.ewg.org
5	act.ewg.org	act.ewg.org az416426.vo.msecnd.net
4	www.facebook.com	act.ewg.org
3	secure.everyaction.com	az416426.vo.msecnd.net act.ewg.org
3	connect.facebook.net	act.ewg.org connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com act.ewg.org
3	www.googletagmanager.com	act.ewg.org d3rse9xjbp8270.cloudfront.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	www.google.de	act.ewg.org
2	www.google.com	1 redirects act.ewg.org
2	stats.g.doubleclick.net	az416426.vo.msecnd.net
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net az416426.vo.msecnd.net
1	secure.ngpvan.com	az416426.vo.msecnd.net
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	fastaction.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	1071783566.privacysandbox.googleadservices.com	act.ewg.org
1	az416426.vo.msecnd.net	act.ewg.org
1	js.verygoodvault.com	act.ewg.org
1	c.shpg.org	act.ewg.org
1	ajax.googleapis.com	act.ewg.org
1	click.everyaction.com	1 redirects
70	26

This site contains links to these domains. Also see Links.

Domain
fastaction.ngpvan.com
www.ewg.org

Subject Issuer	Validity	Valid
clusteroa-mcghe.ngpvanapp.com SSL.com RSA SSL subCA	`2021-07-23` - `2022-07-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2021-11-17` - `2022-11-17`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.verygoodvault.com Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.ngpvan.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-01-14` - `2022-01-14`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-21` - `2021-12-20`	3 months	crt.sh
*.everyaction.com RapidSSL TLS RSA CA G1	`2020-05-28` - `2022-05-28`	2 years	crt.sh
ssl1029400.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-06` - `2022-06-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.privacysandbox.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 01	`2021-07-22` - `2022-07-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Frame ID: 6E3187F8874ACF6B582DD08028C0B234
Requests: 69 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1639403083461&lv=1
Frame ID: 47A9735E20D0EFF47667048C7D6E92CF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get bee-killing pesticides out of grocery stores!

Page URL History Show full URLs

https://click.everyaction.com/k/39576543/320446579/-1375064231?sourceid=1020345 HTTP 302
https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345 Page URL

Page Statistics

70
Requests

99 %
HTTPS

67 %
IPv6

21
Domains

26
Subdomains

22
IPs

4
Countries

1664 kB
Transfer

4528 kB
Size

31
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://fastaction.ngpvan.com/##whats-this
Title: ?

Search URL Search Domain Scan URL

URL: https://www.ewg.org/support-our-work/ways-to-donate/stay-touch
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.ewg.org/about/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.ewg.org/disclaimer
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.everyaction.com/k/39576543/320446579/-1375064231?sourceid=1020345 HTTP 302
https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071783566/?random=1137441900&cv=9&fst=1639403083453&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&tiba=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&auid=1098656230.1639403083&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=S063YYXYHdyF9fgPks-KqAU&sscte=1&crd=&eitems=ChEIgPvbjQYQypr7-r-FucnlARIdAAaFet5V53Ha1Jw4sUkaGoslqbxbLUXcfV8HDbs HTTP 302
https://www.google.com/pagead/1p-conversion/1071783566/?random=1137441900&cv=9&fst=1639403083453&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&tiba=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&auid=1098656230.1639403083&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=S063YYXYHdyF9fgPks-KqAU&cid=CAQSKQCNIrLMIoSSkPs5fF_8y8mAjsDDySySPUVQoJCoDUOrLJ5RQMa3wKUe&eitems=ChEIgPvbjQYQypr7-r-FucnlARIdAAaFet7-UASnrLOhMZXS7Yzmk3MEvqOT77bz3co&random=2093906182&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1071783566/?random=1137441900&cv=9&fst=1639403083453&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&tiba=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&auid=1098656230.1639403083&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=S063YYXYHdyF9fgPks-KqAU&cid=CAQSKQCNIrLMIoSSkPs5fF_8y8mAjsDDySySPUVQoJCoDUOrLJ5RQMa3wKUe&eitems=ChEIgPvbjQYQypr7-r-FucnlARIdAAaFet7-UASnrLOhMZXS7Yzmk3MEvqOT77bz3co&random=2093906182&resp=GooglemKTybQhCsO&ipr=y&prhg=0

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request p1BK3DB_cUe-MshcwzS5sg2 Show response
act.ewg.org/
Redirect Chain

https://click.everyaction.com/k/39576543/320446579/-1375064231?sourceid=1020345
https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

13 KB
5 KB

404ms
386ms

Document
text/html

45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

63b8d8d7804469684b10ca3037d354eb8cc6a3b8d4cad3322ee92db701c4c18c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: public, max-age=10
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers: Request-Context
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date: Mon, 13 Dec 2021 13:44:42 GMT
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 13-3718254-3718257 NNNN CT(88 177 0) RT(1639403080811 11) q(0 0 2 1) r(4 4) U18

Redirect headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Location: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers: Request-Context
X-Robots-Tag: noindex
Date: Mon, 13 Dec 2021 13:44:41 GMT
Content-Length: 0
X-CDN: Imperva
X-Iinfo: 14-4071145-4071148 NNNY CT(88 179 0) RT(1639403080680 11) q(0 0 0 1) r(1 1) U11

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Dec 2022 21:55:29 GMT

GET
H2 200 sp.js Show response
c.shpg.org/278/ 26 KB
7 KB 44ms
23ms Script
text/javascript 2606:4700:20::ac43:452d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.shpg.org/278/sp.js

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:452d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26c9ab85507efa237afbc7dd5ec24dcaafbd0ffb72720ff3e85f48b1cb796d1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:42 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7
cf-polished: origSize=35082
content-encoding: br
last-modified: Mon, 13 Dec 2021 13:44:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7AuA3KaQtwWfVYEb%2FmJiaviIZSLRgQ27%2BgyeH3S8w2PbE8oumdsSClufPclWvkPy57kpf8jQi77RDNZk67hmyXO5YyekJXgP0NSzaGwJjJVXELAUdrDzn1XtSnhewwG2b8KrKu8F6A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: max-age=1800
cf-ray: 6bcfa0ef3ed00631-FRA
cf-bgj: minify

GET
H/1.1 200
OK ga.js Show response
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ 45 KB
46 KB 398ms
102ms Script
application/x-javascript 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ga.js
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 13 Dec 2021 13:44:41 GMT
Last-Modified: Mon, 05 Aug 2019 21:46:13 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D719EE5622AE57
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: d8c07026-001e-00d9-6e27-f0b7d4000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 46274

GET
H/1.1 200
OK jquery.mailcheck.min.js Show response
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ 2 KB
3 KB 402ms
104ms Script
application/x-javascript 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/jquery.mailcheck.min.js
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b3b360dc7d412894d4772b986c10a6cfdf06ad89a522135fadf757aa7434ed02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 13 Dec 2021 13:44:42 GMT
Last-Modified: Mon, 05 Aug 2019 21:46:36 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D719EE63CA579A
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: a0cf24f8-601e-00c9-5f27-f08132000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 2041

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 828 KB
234 KB 28ms
8ms Script
application/javascript 2600:9000:206f:c000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47a6c8a36ff5423411aab2ae06bcce02e65370b6391ab79c794ecc0a2a03203f

Request headers

Referer: https://act.ewg.org/
Origin: https://act.ewg.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 03:55:44 GMT
content-encoding: gzip
age: 35489
x-cache: Hit from cloudfront
content-length: 239107
access-control-allow-origin: *
last-modified: Tue, 07 Dec 2021 15:33:47 GMT
server: AmazonS3
etag: "99140247d855e276ae2bc8dd0693c17e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: ZKce5l-2OdfXc7CeTRpCkYoRorCBlu0gKVCX4Z5VB4EOpyfWe9IzFg==

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 111 KB
21 KB 28ms
8ms Stylesheet
text/css 2600:9000:206f:c000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e364e5ddeeadabdaf4491ac8f05ec984a422b1a2b4253f202a277cbe35d71d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:54:30 GMT
content-encoding: gzip
age: 42613
x-cache: Hit from cloudfront
content-length: 20669
access-control-allow-origin: *
last-modified: Tue, 07 Dec 2021 15:33:47 GMT
server: AmazonS3
etag: "48de344e8cfa8c95d8cd70b97b953830"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 1vMWwPCf6K1sP1B--QEq5fdUB_sh6Kgshj0WbFMtCA1wPXSm_1Gcjw==

GET
H/1.1 200
OK script-error Show response
act.ewg.org/js/ 246 B
536 B 10ms
9ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://act.ewg.org/js/script-error?v=LR3iM4M7kAES0Kfs-kdOEFlJ6eRhSmwTVMRMKnRLIxs1
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 13:44:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 03:56:41 GMT
X-CDN: Imperva
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 13-3718254-0 0CNN RT(1639403080811 418) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=24502320, public
Content-Length: 174
Expires: Fri, 23 Sep 2022 03:56:41 GMT

GET
H/1.1 200
OK EWG_Logo_green.png
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ 123 KB
123 KB 101ms
100ms Image
image/png 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/EWG_Logo_green.png
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 85112008f74106bf7dc8348c58a5585b6349daa95b0508f818c9482623389958

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 13 Dec 2021 13:44:42 GMT
Last-Modified: Thu, 21 Mar 2019 13:17:40 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D6ADFF984217C0
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: d8c0703b-001e-00d9-0227-f0b7d4000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 125671

GET
H/1.1 200
OK email-checker-embed.js Show response
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ 1 KB
2 KB 101ms
101ms Script
application/x-javascript 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/email-checker-embed.js
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 09c09240791dd7620b5353be9461a38903e62d4f3a9c877480eb286f312ac87b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 13 Dec 2021 13:44:42 GMT
Last-Modified: Wed, 07 Aug 2019 21:09:04 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D71B7B7A97FEB6
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: a0cf24fd-601e-00c9-6427-f08132000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 1172

GET
H/1.1 200
OK AC2nt8erbFu3svSWxmyTZr1b.js Show response
js.verygoodvault.com/vgs-collect/1/ 76 KB
24 KB 29ms
9ms Script
application/javascript 65.9.68.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf

Request headers

Referer: https://act.ewg.org/
Origin: https://act.ewg.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: MIiZqsZIbmUuLBPCQnATi6p_MgrmaU_3
Content-Encoding: gzip
ETag: W/"f3cecf4193fb217244937c56bee4b1b6"
Age: 26017
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 13 Dec 2019 10:03:51 GMT
Server: AmazonS3
Date: Mon, 13 Dec 2021 06:31:05 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: UTluYJiOha76gZDgA9ALwGuVtr1jokEf1f226T-IZEWRu7lscdfhqg==

GET
H/1.1 200
OK _Incapsula_Resource Show response
act.ewg.org/ 147 KB
21 KB 15ms
14ms Script
application/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://act.ewg.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=2117017698
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 16a0949591ce3d9afbb50d85060d630579ad930aff6919a3ef28604a4717f301

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 21331
Content-Type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
71 KB 38ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f05a0683f3f18c98c9c18092947b9dedd1945085c9419f4e4b44e7d74205f4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72339
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 13:44:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 124 KB
44 KB 49ms
27ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM473M

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f563d41f2969741f22c3945c5483476911808248f5733da29fb78630cf09d1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45285
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 13:44:42 GMT

GET
H/1.1 200
OK Bees_Background.jpg
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ 357 KB
358 KB 110ms
103ms Image
image/jpeg 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/Bees_Background.jpg
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 326104020fa17528808dcb4889518e502fd47ad7228ab10d726aab5307a63e37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 13 Dec 2021 13:44:42 GMT
Last-Modified: Tue, 10 Mar 2020 19:32:06 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D7C529B816A68B
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: a0cf250a-601e-00c9-6f27-f08132000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 366070

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ 119 KB
40 KB 31ms
7ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F5B) /
Resource Hash: f9fa2bbbf048b49dca5b1207cf03a3d5867924372252df0196167810cea88780

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Dec 2021 13:44:42 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: eo/NA/cIfC8rvfmGvcVN1w==
age: 1364
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.7.2.min.js
content-length: 40058
x-ms-lease-status: unlocked
last-modified: Wed, 08 Dec 2021 18:03:24 GMT
server: ECAcc (frc/8F5B)
x-ms-meta-aijssdkver: 2.7.2
etag: 0x8D9BA750718AE66
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 5b523458-001e-007a-7324-f0f535000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Mon, 13 Dec 2021 14:14:42 GMT

GET
H/1.1 200
OK _Incapsula_Resource
act.ewg.org/ 1 B
123 B 10ms
9ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://act.ewg.org/_Incapsula_Resource?SWKMTFSR=1&e=0.05479985033187362
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H2 200 identity Show response
profile.ngpvan.com/ 72 B
1 KB 800ms
100ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

0c328086605e4d878b0628b8daeffa5fddda38cd5b69d66895893311ff5ee4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo: 14-4071448-4071449 PNNN RT(1639403082539 0) q(0 0 0 -1) r(1 1) U5
x-cdn: Imperva
content-type: text/javascript; charset=utf-8
content-length: 193
etag: W/"48-85GUP+A52rAmZXwXW0nB2359f48"
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
42 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

432acf77fd8461b7923dee1dfdbfb687ad6697329d2c90d0cdf622bea2c13f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43194
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 13:44:42 GMT

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 93 KB
16 KB 8ms
8ms Stylesheet
text/css 2600:9000:206f:c000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad47985f28dacf71ba22058d9bdaaf225c4426cb9efeeb9ac68976f5a8fd9225

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 04:39:24 GMT
content-encoding: gzip
age: 32758
x-cache: Hit from cloudfront
content-length: 15866
access-control-allow-origin: *
last-modified: Tue, 07 Dec 2021 15:33:47 GMT
server: AmazonS3
etag: "2dc1e7f1e71dcff0223e6e7cc953ff72"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: Htu038ZYTbNppuIb1iB5yLmQ0XHqbFbBAPRby9nGcOz42fHPN6TH9A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 702ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 589
date: Mon, 13 Dec 2021 13:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Dec 2021 15:34:54 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 706ms
21ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 13:44:43 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 721ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:43 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DC140AA8C1674123ABB3EEFB4C8D1A30 Ref B: FRAEDGE1417 Ref C: 2021-12-13T13:44:43Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 696ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: AqL7hlwCMcmZps7EnM5AvSeyJVSsM+KT6PxkKJf3gD0a2vaHEM+og1HUaBGcJjL4VyEY1/aVKt267RFUC/8xgw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 13 Dec 2021 13:44:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK p1BK3DB_cUe-MshcwzS5sg2 Show response
secure.everyaction.com/v1/Forms/ 13 KB
7 KB 786ms
126ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/v1/Forms/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

eafce006c6c4740b12cf39f704dd3544a091ea461405e26d329e844bdbfa4c54

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://act.ewg.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
X-Iinfo: 5-2050765-2050832 NNNY CT(87 181 0) RT(1639403081896 652) q(0 0 0 -1) r(1 1) U18
Content-Length: 5210
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
X-Frame-Options: SAMEORIGIN
Date: Mon, 13 Dec 2021 13:44:42 GMT
Vary: Origin,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://act.ewg.org
Access-Control-Expose-Headers: Request-Context
Cache-Control: public, max-age=10
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:

GET
H2 200 lightbox_inline.js Show response
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ 2 KB
1 KB 224ms
35ms Script
application/javascript 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox_inline.js?mb=1639403083227
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f793d0ef8e7b2b0a2f5271e63c4be9cfaefcf746af1b849d353bf75e420d20d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Dec 2021 13:44:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: o+td2hMqqGlNUrKlAG8B3A==
age: 41
cf-polished: origSize=2379
x-ms-lease-status: unlocked
last-modified: Fri, 10 Dec 2021 21:32:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 67626e8e-501e-0038-1b0d-ee5969000000
x-ms-version: 2009-09-19
cf-ray: 6bcfa0f759895b74-FRA
cf-bgj: minify

GET
H3 200 431673573640385 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/431673573640385?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4200e26c2ff2fc480078c8952ca44d0d2dcd2dec4d4902330a938518b4febefb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88923
x-xss-protection: 0
pragma: public
x-fb-debug: QdBHTdWqUkjNOPbbUolEDk5KrmZOwarlt5XV7e+EQYJkiGp1Ves2RBLQhjBEo1p8UrkSUh5zoPYUKHqdwDnsFw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 13 Dec 2021 13:44:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 33ms
16ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PMD7D89&t=gtm4&cid=513818480.1639403083

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69ea948e847b9a12ce86e43762512b1eb7719a86c681483e36eef29ff8c0e8bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36119
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 13:44:43 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108002/ 2 KB
2 KB 46ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108002/?random=1639403083451&cv=9&fst=1639403083451&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&tiba=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a101f683293d644cd9d9c18673b97b08ee6d29aadbd862075b52acaeaf333ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1071783566/ 2 KB
1 KB 38ms
19ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1071783566/?random=1639403083453&cv=9&fst=1639403083453&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&tiba=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&auid=1098656230.1639403083&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

79131e85eecce214ea5421293e3a2afe8c0a9b00bdbcb241d79a98323267b4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
1071783566.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/1071783566/ 0
0 40ms
17ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1071783566.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/1071783566/?random=1639403083453&cv=9&fst=1639403083453&num=1&fmt=3&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&tiba=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&auid=1098656230.1639403083&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ Frame 47A9 326 B
308 B 19ms
18ms Script
application/javascript 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1639403083461&lv=1
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 090fbdd5bb7d69b9fe2ef7c654ec1d87cffe57e7fb23ccbbbf004e283550a708

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Dec 2021 13:44:37 GMT
server: cloudflare
age: 6
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6bcfa0f7ba5f5b74-FRA
cf-bgj: minify

GET
H2 204 17156808.js Show response
bat.bing.com/p/action/ 0
93 B 31ms
30ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/17156808.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Dec 2021 13:44:43 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6A4B3384B938423A9A15EF178E6DBC09 Ref B: FRAEDGE1417 Ref C: 2021-12-13T13:44:43Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17156808&tm=gtm002&Ver=2&mid=712b3026-d0ca-44b2-9512-06f74bb60f8e&sid=d3d99df05c1a11ecbe18393ba7f42c3d&vid=d3d9c2605c1a11eca54faf2332a6edd2&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&p=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&r=&lt=1103&evt=pageLoad&msclkid=N&sv=1&rn=236764
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:44:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 40F21B11B8634A96A50ABDF96BA94193 Ref B: FRAEDGE1417 Ref C: 2021-12-13T13:44:43Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 367774270429261 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 11ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/367774270429261?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4db07e07aaa58ab850e024de380cb912e4e29a2a68270329b06e13fbaee69746

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88945
x-xss-protection: 0
pragma: public
x-fb-debug: yDPf42FQMj4sdD8wsSA08OPb0CUDjhgLb++DUng05t4jTiYmIQ3/NW2M+DTczJm1b5s06aP3O5xbrkW/GSoTgA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 13 Dec 2021 13:44:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 26ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=431673573640385&ev=PageView&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&rl=&if=false&ts=1639403083495&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639403083493.1015858985&it=1639403083437&coo=false&exp=p1&rqm=GET

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 13 Dec 2021 13:44:43 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ Frame 47A9 947 KB
149 KB 36ms
35ms Script
application/javascript 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637749812433826285
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1639403083461&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e69bfb1566b044931f45eb9a957a8176fc399289e95a5521908a35ac1a4a416f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Dec 2021 13:44:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: EKgTHANBYEZvy3oNUdvfBw==
age: 18208
cf-polished: origSize=1532845
last-modified: Fri, 10 Dec 2021 21:32:35 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: a10963a8-401e-0041-51fd-ef3023000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6bcfa0f7eac65b74-FRA
expires: Tue, 13 Dec 2022 13:44:43 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 51ms
15ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-296149-25&cid=513818480.1639403083&jid=410031181&gjid=976618702&_gid=452119659.1639403083&_u=aGDAiEADRAAAAE~&z=1069574203

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.ewg.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Dec 2021 13:44:43 GMT
content-type: text/plain
access-control-allow-origin: https://act.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=161975324&t=pageview&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&ul=en-us&de=UTF-8&dt=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEADR~&jid=410031181&gjid=976618702&cid=513818480.1639403083&tid=UA-296149-25&_gid=452119659.1639403083&gtm=2wgc10PPNMZJ&cg2=p1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&cg3=act.ewg.org&z=24306492

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:02:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
9ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=161975324&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&ul=en-us&de=UTF-8&dt=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%20Tracking&ea=0%25&el=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&_u=aGDAiEADRAAAAE~&jid=&gjid=&cid=513818480.1639403083&tid=UA-296149-25&_gid=452119659.1639403083&gtm=2wgc10PPNMZJ&z=170988875

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:02:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/698108002/ 42 B
548 B 76ms
50ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108002/?random=1639403083451&cv=9&fst=1639400400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&tiba=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&async=1&fmt=3&is_vtc=1&random=4033555700&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:44:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/698108002/ 42 B
548 B 45ms
19ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698108002/?random=1639403083451&cv=9&fst=1639400400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&tiba=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&async=1&fmt=3&is_vtc=1&random=4033555700&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:44:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1071783566/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071783566/?random=1137441900&cv=9&fst=1639403083453&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/1071783566/?random=1137441900&cv=9&fst=1639403083453&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/1071783566/?random=1137441900&cv=9&fst=1639403083453&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
64 B

41ms
23ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1071783566/?random=1137441900&cv=9&fst=1639403083453&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&tiba=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&auid=1098656230.1639403083&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=S063YYXYHdyF9fgPks-KqAU&cid=CAQSKQCNIrLMIoSSkPs5fF_8y8mAjsDDySySPUVQoJCoDUOrLJ5RQMa3wKUe&eitems=ChEIgPvbjQYQypr7-r-FucnlARIdAAaFet7-UASnrLOhMZXS7Yzmk3MEvqOT77bz3co&random=2093906182&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:44:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:44:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1071783566/?random=1137441900&cv=9&fst=1639403083453&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&tiba=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&auid=1098656230.1639403083&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=S063YYXYHdyF9fgPks-KqAU&cid=CAQSKQCNIrLMIoSSkPs5fF_8y8mAjsDDySySPUVQoJCoDUOrLJ5RQMa3wKUe&eitems=ChEIgPvbjQYQypr7-r-FucnlARIdAAaFet7-UASnrLOhMZXS7Yzmk3MEvqOT77bz3co&random=2093906182&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nvtag Show response
profile.ngpvan.com/v2/data/xKj7vHZtzxdr5Y0rXUkz2zpv/ 2 B
955 B 386ms
367ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/xKj7vHZtzxdr5Y0rXUkz2zpv/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://act.ewg.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:43 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://act.ewg.org
x-iinfo: 7-1761807-1761809 NNNN CT(-1 -1 2) RT(1639403082677 0) q(0 0 3 -1) r(4 4) U5
access-control-allow-credentials: true
content-length: 123
x-cdn: Imperva
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367774270429261&ev=PageView&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&rl=&if=false&ts=1639403083536&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639403083493.1015858985&it=1639403083437&coo=false&exp=p1&rqm=GET

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 13 Dec 2021 13:44:43 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=161975324&t=timing&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&ul=en-us&de=UTF-8&dt=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utt=794&_u=aGDACEADRAAAAG~&jid=60365132&gjid=359301401&cid=513818480.1639403083&tid=UA-28243511-22&_gid=452119659.1639403083&_r=1&gtm=2wgc105L2FSL&z=668707583

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.ewg.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:44:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://act.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 589
date: Mon, 13 Dec 2021 13:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Dec 2021 15:34:54 GMT

GET
H2 200 identity Show response
fastaction.ngpvan.com/api/v1/ 182 B
723 B 104ms
102ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1639403083561=

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

8e3d1e6d617a3cffae7e6ef753647c79f64ba030b12c9871a5f5b84f45a07338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
via: 1.1 vegur
x-content-type-options: nosniff
server: Cowboy
content-encoding: gzip
x-powered-by: Express
vary: Accept-Encoding
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo: 14-4071494-4071495 NNYY CT(91 93 0) RT(1639403082695 0) q(0 0 0 -1) r(0 1) U18
cache-control: max-age=0
date: Mon, 13 Dec 2021 13:44:43 GMT
etag: W/"b6-iMAgcEflkPXXKyHApkgchTLSTu8"
content-type: text/javascript; charset=utf-8
x-cdn: Imperva
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/assets/fonts/ 94 KB
95 KB 9ms
7ms Font
application/font-woff2 2600:9000:206f:c000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/fonts/glyphicons-regular.woff2
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Origin: https://act.ewg.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 05:21:47 GMT
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
age: 30177
x-cache: Hit from cloudfront
content-length: 96388
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "aca35251952e72d9e32d41217f0f97ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 2btlxtn4Kr_ua1eOw53SpYIfEM1T5zVWAhieNoJnxOHKSLtr9rly9A==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 33ms
15ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-28243511-23&cid=513818480.1639403083&jid=1406427664&gjid=1378058986&_gid=452119659.1639403083&_u=aGDAiEADRAAAAG~&z=2130819069

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.ewg.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Dec 2021 13:44:43 GMT
content-type: text/plain
access-control-allow-origin: https://act.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=161975324&t=pageview&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&ul=en-us&de=UTF-8&dt=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEADRAAAAG~&jid=1406427664&gjid=1378058986&cid=513818480.1639403083&tid=UA-28243511-23&_gid=452119659.1639403083&gtm=2wgc105L2FSL&cd4=1020345&cd2=ngpvan%3A%2F%2Fvan%2FEWG%2FEWG%2F1%2F71381&cd3=4895905%2C4507037%2C4507052%2C4592316%2C4507079%2C4507050&cd5=2021%20-%20Neonic%20Retailers%20Action%20-%20Email%20-%20Donors&cd6=p1BK3DB_cUe-MshcwzS5sg2&z=877229554

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:02:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=161975324&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&ul=en-us&de=UTF-8&dt=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PetitionForm&ea=Form%20Load&el=Minimal&ev=4&_u=aGDAiEADRAAAAG~&jid=&gjid=&cid=513818480.1639403083&tid=UA-28243511-23&_gid=452119659.1639403083&gtm=2wgc105L2FSL&cd4=1020345&cd2=ngpvan%3A%2F%2Fvan%2FEWG%2FEWG%2F1%2F71381&cd3=4895905%2C4507037%2C4507052%2C4592316%2C4507079%2C4507050&cd5=2021%20-%20Neonic%20Retailers%20Action%20-%20Email%20-%20Donors&cd6=p1BK3DB_cUe-MshcwzS5sg2&z=1332245444

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:02:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:02:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=161975324&t=timing&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&ul=en-us&de=UTF-8&dt=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utt=57&_u=aGDACEADRAAAAG~&jid=&gjid=&cid=513818480.1639403083&tid=UA-28243511-22&_gid=452119659.1639403083&gtm=2wgc105L2FSL&z=2025741745

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:02:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK p1BK3DB_cUe-MshcwzS5sg2
secure.everyaction.com/v1/Track/ 0
925 B 110ms
109ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.everyaction.com/v1/Track/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345&formSessionId=a24e015e-1722-4a21-8459-2cc0b93d65bb

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Imperva
Date: Mon, 13 Dec 2021 13:44:42 GMT
X-Frame-Options: SAMEORIGIN
X-Iinfo: 5-2050765-2050832 SNNy RT(1639403081896 947) q(0 0 0 -1) r(1 1) U2
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H2 200 fast-action.svg
d3rse9xjbp8270.cloudfront.net/assets/images/ 9 KB
9 KB 12ms
11ms Image
image/svg+xml 2600:9000:206f:c000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/fast-action.svg
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 06:30:12 GMT
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
age: 26085
x-cache: Hit from cloudfront
content-length: 9203
last-modified: Wed, 08 Jan 2020 18:06:45 GMT
server: AmazonS3
etag: "babd47dc25531a9faeadc04f1afa1910"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: FV2yqnFCuZHdZVwwu1C95hxRm9XxCsKeHykMKox08ZuU9JN8mLBcRQ==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=161975324&t=timing&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&ul=en-us&de=UTF-8&dt=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utt=42&_u=aGDACEADRAAAAG~&jid=&gjid=&cid=513818480.1639403083&tid=UA-28243511-22&_gid=452119659.1639403083&gtm=2wgc105L2FSL&z=1562565680

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:02:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=161975324&t=timing&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&ul=en-us&de=UTF-8&dt=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utt=2&_u=aGDACEADRAAAAG~&jid=&gjid=&cid=513818480.1639403083&tid=UA-28243511-22&_gid=452119659.1639403083&gtm=2wgc105L2FSL&z=2060710575

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:02:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=161975324&t=timing&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&ul=en-us&de=UTF-8&dt=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Form&utt=946&_u=aGDACEADRAAAAG~&jid=&gjid=&cid=513818480.1639403083&tid=UA-28243511-22&_gid=452119659.1639403083&gtm=2wgc105L2FSL&z=1827927229

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:02:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=161975324&t=timing&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&ul=en-us&de=UTF-8&dt=Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Total&utt=996&_u=aGDACEADRAAAAG~&jid=&gjid=&cid=513818480.1639403083&tid=UA-28243511-22&_gid=452119659.1639403083&gtm=2wgc105L2FSL&z=426645161

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 01:02:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 17ms
17ms Stylesheet
text/css 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637747687549122179
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637749812433826285
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Dec 2021 13:44:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 230999
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 713e6011-d01e-0029-020d-ee6e72000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6bcfa0f97e435b74-FRA
expires: Tue, 13 Dec 2022 13:44:43 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/42018/act.ewg.org/jsonp/ 291 B
584 B 515ms
128ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42018/act.ewg.org/jsonp/z?cb=1639403083783&callback=jQuery171020018810776376061_1639403083750&_=1639403083784
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637749812433826285
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8418e83f7f66afe74bfb6eb45a15d2d1907b052a5aa9cbe6cf3f4f25c99fd30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 13:44:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
259 B 21ms
21ms Image
image/gif 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1639403083757&h=act.ewg.org&e=p&u=42018
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Dec 2021 13:44:43 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 645854
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: af63abe9-a01e-0081-2a45-a8f796000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6bcfa0f9bea65b74-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 204
No Content xKj7vHZtzxdr5Y0rXUkz2zpv Show response
secure.everyaction.com/Databag/Profile/ 0
1 KB 103ms
103ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/xKj7vHZtzxdr5Y0rXUkz2zpv

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://act.ewg.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Imperva
Date: Mon, 13 Dec 2021 13:44:43 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: https://act.ewg.org
X-Iinfo: 5-2050765-2050832 SNNy RT(1639403081896 1155) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 204 xKj7vHZtzxdr5Y0rXUkz2zpv Show response
secure.ngpvan.com/Databag/Profile/ 0
868 B 117ms
116ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/xKj7vHZtzxdr5Y0rXUkz2zpv

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://act.ewg.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cdn: Imperva
date: Mon, 13 Dec 2021 13:44:43 GMT
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://act.ewg.org
x-iinfo: 14-4071571-4070577 PNNN RT(1639403083052 0) q(0 0 0 -1) r(1 1) U11
access-control-expose-headers: Request-Context
cache-control: private
access-control-allow-credentials: true
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 204
No Content xKj7vHZtzxdr5Y0rXUkz2zpv Show response
act.ewg.org/Databag/Profile/ 0
804 B 107ms
107ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://act.ewg.org/Databag/Profile/xKj7vHZtzxdr5Y0rXUkz2zpv

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345
Request-Id: |ef3fe30679f14fbda379fb9f09f2fddf.fcb29f5cf2564409
traceparent: 00-ef3fe30679f14fbda379fb9f09f2fddf-fcb29f5cf2564409-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Imperva
Date: Mon, 13 Dec 2021 13:44:43 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
X-Iinfo: 13-3718254-3718257 SNNN RT(1639403080811 2245) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=431673573640385&ev=Microdata&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&rl=&if=false&ts=1639403084003&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!%22%2C%22og%3Adescription%22%3A%22We%20need%2050%2C000%20signatures%20to%20compel%20grocery%20stores%20to%20do%20the%20right%20thing%20and%20ban%20neonics!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fnvlupin.blob.core.windows.net%2Fimages%2Fvan%2FEWG%2FEWG%2F1%2F71381%2Fimages%2FBees_Background.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1639403083493.1015858985&it=1639403083437&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 13 Dec 2021 13:44:44 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367774270429261&ev=Microdata&dl=https%3A%2F%2Fact.ewg.org%2Fp1BK3DB_cUe-MshcwzS5sg2%3Fsourceid%3D1020345&rl=&if=false&ts=1639403084037&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Get%20bee-killing%20pesticides%20out%20of%20grocery%20stores!%22%2C%22og%3Adescription%22%3A%22We%20need%2050%2C000%20signatures%20to%20compel%20grocery%20stores%20to%20do%20the%20right%20thing%20and%20ban%20neonics!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fnvlupin.blob.core.windows.net%2Fimages%2Fvan%2FEWG%2FEWG%2F1%2F71381%2Fimages%2FBees_Background.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1639403083493.1015858985&it=1639403083437&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/p1BK3DB_cUe-MshcwzS5sg2?sourceid=1020345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:44:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 13 Dec 2021 13:44:44 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 60ms
15ms Preflight 52.236.186.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://act.ewg.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 13:44:43 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 98 B
306 B 684ms
683ms XHR
application/json 52.236.186.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b5390ef8e50ab8b1d4f74a533f7dfb326dac614de4faa2915bd5363374a9201b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.ewg.org/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: D0B6AE63-CEA0-42D6-89D3-A2923687CF9F
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 13:44:44 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 98

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.everyaction.com/	1970-01-20 08:08:41	Name: visid_incap_1392949 Value: WEUKancsQTiJCmatYgCjA0JOt2EAAAAAQUIPAAAAAADJmGliWqOVK8FW/0MhrXNg
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_1392949 Value: CQc6fsW/W2NQajQ7c8ry4wAAAAAjiD9KzShaRhqV+2/tnPva
.everyaction.com/	1969-12-31 23:59:59	Name: incap_ses_878_1392949 Value: S0uPDOeCTjP1yxoGikgvDEhOt2EAAAAA35lrna0frnWrGW8kHQgliA==
.ewg.org/	1970-01-20 08:08:41	Name: visid_incap_1852917 Value: iPMef5FiT0m96prErJ/zt0hOt2EAAAAAQUIPAAAAAADVZr228vbNr5ixNYcnIsr1
.ewg.org/	1969-12-31 23:59:59	Name: nlbi_1852917 Value: VfsZc+7LRAGIaLl7KIaUhgAAAABUoMb5T+BwrOdxYknmSR5b
.ewg.org/	1969-12-31 23:59:59	Name: incap_ses_878_1852917 Value: KIXiLL7u/18d0xoGikgvDElOt2EAAAAAM8PNt8lAaVDb7/b8wnftYw==
.act.ewg.org/	1970-01-19 23:23:26	Name: TiPMix Value: 65.6367108531467
.act.ewg.org/	1970-01-19 23:23:26	Name: x-ms-routing-name Value: self
act.ewg.org/	1970-01-20 08:08:59	Name: ai_user Value: VLNok0/AApPxHS8Xzdb0+o\|2021-12-13T13:44:42.686Z
.ewg.org/	1970-01-20 01:32:59	Name: _gcl_au Value: 1.1.1098656230.1639403083
act.ewg.org/	1970-01-19 23:23:24	Name: ai_session Value: UYuy4McghPh0oqv2B3SjYa\|1639403082819\|1639403082819
.ewg.org/	1970-01-20 16:54:35	Name: _ga Value: GA1.2.513818480.1639403083
.ewg.org/	1970-01-19 23:24:49	Name: _gid Value: GA1.2.452119659.1639403083
.bing.com/	1970-01-20 08:44:59	Name: MUID Value: 280B0E70D1B166DC3C101F7CD0DA67F2
.ewg.org/	1970-01-19 23:24:49	Name: _uetsid Value: d3d99df05c1a11ecbe18393ba7f42c3d
.ewg.org/	1970-01-20 08:44:59	Name: _uetvid Value: d3d9c2605c1a11eca54faf2332a6edd2
.ewg.org/	1970-01-20 01:32:59	Name: _fbp Value: fb.1.1639403083493.1015858985
.profile.ngpvan.com/	1970-01-19 23:23:26	Name: TiPMix Value: 31.1193348519128
.profile.ngpvan.com/	1970-01-19 23:23:26	Name: x-ms-routing-name Value: self
profile.ngpvan.com/	1970-01-23 15:02:15	Name: ngpvanuser Value: xKj7vHZtzxdr5Y0rXUkz2zpv
.ewg.org/	1970-01-19 23:23:23	Name: _dc_gtm_UA-296149-25 Value: 1
.secure.everyaction.com/	1970-01-19 23:23:26	Name: TiPMix Value: 75.0647926121321
.secure.everyaction.com/	1970-01-19 23:23:26	Name: x-ms-routing-name Value: self
.ewg.org/	1970-01-19 23:23:23	Name: _gat_UA-28243511-22 Value: 1
.doubleclick.net/	1970-01-20 08:44:59	Name: IDE Value: AHWqTUl1CrzRpqNasz3eMMxSc_qWiw7mzqOHsSVAVGFHAKtgCJZxSUNc4KfHwm17
.ewg.org/	1970-01-19 23:23:23	Name: _dc_gtm_UA-28243511-23 Value: 1
.everyaction.com/	1970-01-23 15:02:15	Name: ProfileDatabagId Value: xKj7vHZtzxdr5Y0rXUkz2zpv
.act.ewg.org/	1970-01-23 15:02:15	Name: ProfileDatabagId Value: xKj7vHZtzxdr5Y0rXUkz2zpv
.secure.ngpvan.com/	1970-01-19 23:23:26	Name: TiPMix Value: 65.2813533625013
.secure.ngpvan.com/	1970-01-19 23:23:26	Name: x-ms-routing-name Value: self
.ngpvan.com/	1970-01-23 15:02:15	Name: ProfileDatabagId Value: xKj7vHZtzxdr5Y0rXUkz2zpv

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1071783566.privacysandbox.googleadservices.com
act.ewg.org
ajax.googleapis.com
az416426.vo.msecnd.net
bat.bing.com
c.shpg.org
click.everyaction.com
connect.facebook.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
googleads.g.doubleclick.net
js.verygoodvault.com
lightboxapi.azurewebsites.net
nvlupin.blob.core.windows.net
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.lightboxcdn.com
142.250.186.162
142.250.74.194
20.40.202.0
2600:9000:206f:c000:12:303c:8700:21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::ac43:452d
2606:4700::6810:50a5
2620:1ec:c11::200
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:400c:c06::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
45.60.33.183
52.236.186.217
52.239.157.138
65.9.68.93
090fbdd5bb7d69b9fe2ef7c654ec1d87cffe57e7fb23ccbbbf004e283550a708
09c09240791dd7620b5353be9461a38903e62d4f3a9c877480eb286f312ac87b
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0c328086605e4d878b0628b8daeffa5fddda38cd5b69d66895893311ff5ee4f7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16a0949591ce3d9afbb50d85060d630579ad930aff6919a3ef28604a4717f301
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
26c9ab85507efa237afbc7dd5ec24dcaafbd0ffb72720ff3e85f48b1cb796d1f
326104020fa17528808dcb4889518e502fd47ad7228ab10d726aab5307a63e37
4200e26c2ff2fc480078c8952ca44d0d2dcd2dec4d4902330a938518b4febefb
432acf77fd8461b7923dee1dfdbfb687ad6697329d2c90d0cdf622bea2c13f0f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47a6c8a36ff5423411aab2ae06bcce02e65370b6391ab79c794ecc0a2a03203f
4db07e07aaa58ab850e024de380cb912e4e29a2a68270329b06e13fbaee69746
5f793d0ef8e7b2b0a2f5271e63c4be9cfaefcf746af1b849d353bf75e420d20d
63b8d8d7804469684b10ca3037d354eb8cc6a3b8d4cad3322ee92db701c4c18c
69ea948e847b9a12ce86e43762512b1eb7719a86c681483e36eef29ff8c0e8bc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79131e85eecce214ea5421293e3a2afe8c0a9b00bdbcb241d79a98323267b4b5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85112008f74106bf7dc8348c58a5585b6349daa95b0508f818c9482623389958
8e3d1e6d617a3cffae7e6ef753647c79f64ba030b12c9871a5f5b84f45a07338
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a101f683293d644cd9d9c18673b97b08ee6d29aadbd862075b52acaeaf333ab1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ad47985f28dacf71ba22058d9bdaaf225c4426cb9efeeb9ac68976f5a8fd9225
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b3b360dc7d412894d4772b986c10a6cfdf06ad89a522135fadf757aa7434ed02
b5390ef8e50ab8b1d4f74a533f7dfb326dac614de4faa2915bd5363374a9201b
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e364e5ddeeadabdaf4491ac8f05ec984a422b1a2b4253f202a277cbe35d71d79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69bfb1566b044931f45eb9a957a8176fc399289e95a5521908a35ac1a4a416f
e8418e83f7f66afe74bfb6eb45a15d2d1907b052a5aa9cbe6cf3f4f25c99fd30
eafce006c6c4740b12cf39f704dd3544a091ea461405e26d329e844bdbfa4c54
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05a0683f3f18c98c9c18092947b9dedd1945085c9419f4e4b44e7d74205f4d1
f563d41f2969741f22c3945c5483476911808248f5733da29fb78630cf09d1fa
f9fa2bbbf048b49dca5b1207cf03a3d5867924372252df0196167810cea88780
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

act.ewg.org Open in urlscan Pro 45.60.33.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

70 Requests

99 %HTTPS

67 %IPv6

21 Domains

26 Subdomains

22 IPs

4 Countries

1664 kBTransfer

4528 kBSize

31 Cookies

10 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

act.ewg.org Open in urlscan Pro
45.60.33.183 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

99 %
HTTPS

67 %
IPv6

21
Domains

26
Subdomains

22
IPs

4
Countries

1664 kB
Transfer

4528 kB
Size

31
Cookies

70 HTTP transactions
2 data transactions