www.ewg.org Open in urlscan Pro
2606:4700:10::6816:174b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cosmeticsdatabase.com/
Effective URL:
https://www.ewg.org/skindeep/
Submission Tags: tranco_l324
Submission: On November 25 via api (November 25th 2021, 10:58:20 am UTC) from DE — Scanned from DE

Summary HTTP 123 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 25 domains to perform 123 HTTP transactions. The main IP is 2606:4700:10::6816:174b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ewg.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 3rd 2021. Valid for: a year.

This is the only time www.ewg.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.152.147 3.33.152.147	16509 (AMAZON-02) (AMAZON-02)
36	2606:4700:10:... 2606:4700:10::6816:174b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:215... 2600:9000:2156:800:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
8	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
1	2600:9000:215... 2600:9000:2156:6600:14:79be:a380:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.101.152 143.204.101.152	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6810:50a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
123	26

1 3.33.152.147 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

cosmeticsdatabase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:10::6816:174b (United States)

ASN13335 (CLOUDFLARENET, US)

www.ewg.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
phorcys-static.ewg.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ewg.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:800:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
actions.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6600:14:79be:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js2.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.152 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-152.fra50.r.cloudfront.net

d1aqhv4sn5kxtx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

1071783566.privacysandbox.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

ewg.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:50a5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jsapi.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	ewg.org www.ewg.org phorcys-static.ewg.org static.ewg.org	878 KB
19	google-analytics.com www.google-analytics.com	40 KB
7	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	19 KB
7	zdassets.com static.zdassets.com ekr.zdassets.com	328 KB
6	lightboxcdn.com www.lightboxcdn.com jsapi.lightboxcdn.com	153 KB
5	everyaction.com actions.everyaction.com secure.everyaction.com	14 KB
5	cloudfront.net d3rse9xjbp8270.cloudfront.net d1aqhv4sn5kxtx.cloudfront.net	739 KB
4	zendesk.com ewg.zendesk.com	2 KB
4	facebook.com www.facebook.com	562 B
3	facebook.net connect.facebook.net	200 KB
3	bing.com bat.bing.com	11 KB
3	googleadservices.com www.googleadservices.com 1071783566.privacysandbox.googleadservices.com	16 KB
3	ngpvan.com profile.ngpvan.com secure.ngpvan.com	3 KB
3	addthis.com s7.addthis.com m.addthis.com	141 KB
3	gstatic.com fonts.gstatic.com	69 KB
2	google.de www.google.de	612 B
2	google.com 1 redirects www.google.com	1 KB
2	googletagmanager.com www.googletagmanager.com	113 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	azurewebsites.net lightboxapi.azurewebsites.net	738 B
1	addthisedge.com v1.addthisedge.com	371 B
1	moatads.com z.moatads.com	1 KB
1	verygoodvault.com js2.verygoodvault.com	24 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	cosmeticsdatabase.com 1 redirects cosmeticsdatabase.com	288 B
123	25

	Domain	Requested by
24	phorcys-static.ewg.org	www.ewg.org phorcys-static.ewg.org
19	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	static.zdassets.com	www.ewg.org static.zdassets.com
6	static.ewg.org	www.ewg.org phorcys-static.ewg.org
6	www.ewg.org	www.ewg.org static.cloudflareinsights.com
5	www.lightboxcdn.com	www.ewg.org www.lightboxcdn.com
5	stats.g.doubleclick.net	www.ewg.org www.google-analytics.com
4	ewg.zendesk.com	static.zdassets.com
4	www.facebook.com
4	actions.everyaction.com	d3rse9xjbp8270.cloudfront.net
4	d3rse9xjbp8270.cloudfront.net	www.ewg.org d3rse9xjbp8270.cloudfront.net
3	connect.facebook.net	www.ewg.org connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.google.de
2	www.google.com	1 redirects
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net
2	www.googletagmanager.com	www.ewg.org d3rse9xjbp8270.cloudfront.net
2	s7.addthis.com	www.ewg.org s7.addthis.com
2	fonts.googleapis.com	www.ewg.org phorcys-static.ewg.org
1	jsapi.lightboxcdn.com	www.lightboxcdn.com
1	secure.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	secure.everyaction.com	d3rse9xjbp8270.cloudfront.net
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	1071783566.privacysandbox.googleadservices.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	ekr.zdassets.com	static.zdassets.com
1	z.moatads.com	s7.addthis.com
1	d1aqhv4sn5kxtx.cloudfront.net	www.googletagmanager.com
1	js2.verygoodvault.com	d3rse9xjbp8270.cloudfront.net
1	static.cloudflareinsights.com	www.ewg.org
1	cosmeticsdatabase.com	1 redirects
123	35

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.amazon.com
www.youtube.com
act.ewg.org
play.google.com
itunes.apple.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.ngpvan.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-01-14` - `2022-01-14`	a year	crt.sh
*.verygoodvault.com Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
*.everyaction.com RapidSSL TLS RSA CA G1	`2020-05-28` - `2022-05-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-03` - `2021-12-02`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.privacysandbox.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
ewg.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
ssl1029400.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-06` - `2022-06-30`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.ewg.org/skindeep/
Frame ID: B1C15E6FCB06F756BE53112A14C491B3
Requests: 111 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: DDE5AE73FBA360A986554C271E79BD99
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 071DE0884B5CB9C2B1BA442A1DC6F569
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-54fcf98b94cda999a694.js
Frame ID: AC2B7F440691A4BE6F3F559274812836
Requests: 9 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1637837895979&lv=1
Frame ID: 81ED561779CA078923DE794BAE1D9EF8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EWG Skin Deep® Cosmetics Database

Page URL History Show full URLs

http://cosmeticsdatabase.com/ HTTP 301
https://www.ewg.org/skindeep/ Page URL

Page Statistics

123
Requests

98 %
HTTPS

62 %
IPv6

25
Domains

35
Subdomains

26
IPs

4
Countries

2761 kB
Transfer

7938 kB
Size

34
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ewg.org

Search URL Search Domain Scan URL

URL: https://www.instagram.com/environmentalworkinggroup

Search URL Search Domain Scan URL

URL: https://twitter.com/ewg

Search URL Search Domain Scan URL

URL: https://www.amazon.com/?_encoding=UTF8&camp=1789&creative=390957&linkCode=ur2&tag=wwwewgorg-20

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/EnvironmentalWG

Search URL Search Domain Scan URL

URL: https://act.ewg.org/onlineactions/hiU4DG2LikWIylNrpCTlBw2?sourceid=1016803
Title: DONATE

Search URL Search Domain Scan URL

URL: https://act.ewg.org/onlineactions/qRKdI-XRb0-5uhcms39oQg2?sourceid=1012020&ms=WEB_SkinDeep_9998_NAV
Title: SIGN UP

Search URL Search Domain Scan URL

URL: https://act.ewg.org/a/2021-verified-box-b?sourceid=1020635

Search URL Search Domain Scan URL

URL: https://act.ewg.org/a/2021-verified-box-b?sourceid=1020634

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.skindeep.mobile&hl=en
Title: Android

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/skin-deep/id703155791?mt=8
Title: Apple

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cosmeticsdatabase.com/ HTTP 301
https://www.ewg.org/skindeep/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071783566/?random=1450458224&cv=9&fst=1637837895660&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&auid=1175026193.1637837895&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=R2yfYdv8Kc_Bx_AP5_qKoAc&sscte=1&crd=&eitems=ChAIgIX9jAYQjKiyzIeJt5JBEh0AByrlGU0wtFSn6C1ISoT-0C3DkltGURdGmaryjA HTTP 302
https://www.google.com/pagead/1p-conversion/1071783566/?random=1450458224&cv=9&fst=1637837895660&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&auid=1175026193.1637837895&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=R2yfYdv8Kc_Bx_AP5_qKoAc&cid=CAQSKQCNIrLMvavsA3uT_HboFlOkGH9_gONN3QO2PYSfeZlUlylysncm6Utq&eitems=ChAIgIX9jAYQjKiyzIeJt5JBEh0AByrlGRZviMVtX2JavyqdXKymoy9r3bgS6QZDAg&random=4069985766&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1071783566/?random=1450458224&cv=9&fst=1637837895660&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&auid=1175026193.1637837895&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=R2yfYdv8Kc_Bx_AP5_qKoAc&cid=CAQSKQCNIrLMvavsA3uT_HboFlOkGH9_gONN3QO2PYSfeZlUlylysncm6Utq&eitems=ChAIgIX9jAYQjKiyzIeJt5JBEh0AByrlGRZviMVtX2JavyqdXKymoy9r3bgS6QZDAg&random=4069985766&resp=GooglemKTybQhCsO&ipr=y&prhg=0

123 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ewg.org/skindeep/
Redirect Chain

http://cosmeticsdatabase.com/
https://www.ewg.org/skindeep/

56 KB
11 KB

147ms
119ms

Document
text/html

2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/skindeep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

f57e7be36045409ccad0d3d5eece561c50f5aa9d257c207894322e31d68de8fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
content-type: text/html; charset=utf-8
cf-ray: 6b3a5c5a59ba701b-FRA
age: 418
cache-control: private, max-age=1800, must-revalidate
vary: Accept-Encoding
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-powered-by: Non-Partisan Mallards
x-request-id: 4f4197dc-9316-4fcd-b0fb-32522ef436cb
x-runtime: 0.187846
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Thu, 25 Nov 2021 10:58:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 64
Connection: keep-alive
Location: https://www.ewg.org/skindeep/
Server: ip-10-123-122-109.ec2.internal
X-Request-Id: a44c11e8-e50f-4a17-89c7-b7406bac4545

GET
H2 200 bLMY4IbeO5Zdzi60Vrh0H1RYRxE.js Show response
www.ewg.org/cdn-cgi/apps/head/ 4 KB
2 KB 19ms
19ms Script
application/javascript 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ewg.org/cdn-cgi/apps/head/bLMY4IbeO5Zdzi60Vrh0H1RYRxE.js
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46954197136ba6c46bc950e1bdc5f339be1718a510cb5b9508cb3a965d2a5d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 592810
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 1BA09SCSVTZESX14
x-amz-id-2: 4X+efEK2fQgCBYUsoiQXlFnRvqka0vgU3ZPGjBNXDhujBeFg4jBCW1aqR61nDRyUuNXUQ5YUXdI=
last-modified: Thu, 14 Oct 2021 17:06:05 GMT
server: cloudflare
etag: W/"98eaf1726317685cb6a43f5317a6ca2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: wp7SUUs.0.poIRmklCesq40qE0JL87zU
cf-ray: 6b3a5c5b4be7701b-FRA

GET
H2 200 css
fonts.googleapis.com/ 14 KB
2 KB 38ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Zilla+Slab+Highlight|Slabo+27px|Permanent+Marker|Open+Sans:300,400,700&display=swap

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91885bbd6130590bdf6d2d9df816bc6d034d1e4c593e3e5aba96fe44c261dc97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 10:58:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 10:58:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 10:58:14 GMT

GET
H2 200 application-8e0f5cbc6e6115c089736591dab058d021d1748f3d08efb7dc5b757c8264bf4c.css
phorcys-static.ewg.org/skindeep_rails/ 174 KB
33 KB 54ms
44ms Stylesheet
text/css 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://phorcys-static.ewg.org/skindeep_rails/application-8e0f5cbc6e6115c089736591dab058d021d1748f3d08efb7dc5b757c8264bf4c.css
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f61e85ce22003fd361d3c76000e409300261da8072380da0eb300ff0ba278676

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 592781
cf-polished: origSize=179765
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: P1KA5CZ62MZKZEMV
x-amz-id-2: uX9z9e7ftq9X990bEkFHxnIsGR+WY+cuXq84H/etKN3M20Au+7tySxqUUyuDb8tXnqbkrn35zYA=
last-modified: Wed, 29 Sep 2021 18:05:45 GMT
server: cloudflare
etag: W/"0205507b4b06fe22349aa6f108621a94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
cf-ray: 6b3a5c5b5c16701b-FRA
expires: Fri, 30 Sep 2022 00:05:44 GMT

GET
H3 200 api.js Show response
www.ewg.org/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 15ms
13ms Script
text/javascript 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6b3a5c5b6a300625-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 EWGV_SD_HP_Banner-Res_Holiday-2021-B_C01.jpg
static.ewg.org/skindeep/img/ 40 KB
41 KB 52ms
42ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/EWGV_SD_HP_Banner-Res_Holiday-2021-B_C01.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2deb90c9096c22fbd6c2ca65f597aec5bd0ad4c15d6265d129c1a93018aa879

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
cf-cache-status: HIT
age: 1899
cf-polished: qual=85, origFmt=jpeg, origSize=184162
content-disposition: inline; filename="EWGV_SD_HP_Banner-Res_Holiday-2021-B_C01.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: A7AQ8N4M64G6YKGV
x-amz-id-2: 3v6bJMUjVYVRDDJFoA11pP9/BbMBY/iEB/Db8ljmO20JKViVfUyleNLhXqJ33SDSJ0zhhD4qJWU=
accept-ranges: bytes
last-modified: Tue, 16 Nov 2021 21:37:03 GMT
server: cloudflare
etag: "16d7f500e75d41f593aa9ce61e63c11d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
x-amz-version-id: null
content-length: 41240
cf-ray: 6b3a5c5b7c79701b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 EWGV_SD_Holiday-2021-B_C01.jpg
static.ewg.org/skindeep/img/ 69 KB
70 KB 53ms
42ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/EWGV_SD_Holiday-2021-B_C01.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be6a8fc5a5a8cc74872a3feae2101beb1059c24d3d79374ebfba31c5bed97084

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
cf-cache-status: HIT
age: 1899
cf-polished: qual=85, origFmt=jpeg, origSize=248268
content-disposition: inline; filename="EWGV_SD_Holiday-2021-B_C01.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: D9G1SATCBSZJ255S
x-amz-id-2: oaZXGYjNl9TI9OekHZzPmV4cPTd4xQ4ipqzloh4XrhLWysbvmSInn1q/O4fUTgzwh2MqcS2Hm0Q=
accept-ranges: bytes
last-modified: Tue, 16 Nov 2021 21:37:03 GMT
server: cloudflare
etag: "23a8f63600c53dae380ba4e3d0e72bf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
x-amz-version-id: null
content-length: 71042
cf-ray: 6b3a5c5b7c75701b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 ewg-header-logo-39a6a9acc6dccd9eab9812530e650335de2830b5ffc760f7ae96f1016da8580d.svg
phorcys-static.ewg.org/skindeep_rails/ 1 KB
724 B 41ms
38ms Image
image/svg+xml 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/ewg-header-logo-39a6a9acc6dccd9eab9812530e650335de2830b5ffc760f7ae96f1016da8580d.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39a6a9acc6dccd9eab9812530e650335de2830b5ffc760f7ae96f1016da8580d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 592740
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EMBSY36B1P45PY51
x-amz-id-2: 78l3WkMaSlOu8VC2lQORs6MaHHpfZww5ABfB31mLmUQnPlYVyeJCfH2JLte3wZSmanM/sivOXGo=
last-modified: Fri, 01 Dec 2017 16:21:58 GMT
server: cloudflare
etag: W/"2f582c3ebe25dba9ad59463e400d88f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31557600
cf-ray: 6b3a5c5b6c4f701b-FRA
expires: Sat, 01 Dec 2018 22:21:57 GMT

GET
H2 200 header-menu-7c64c5e393304161a61095476132739dcd9543504f5c57767fc325ff10eb3f06.svg
phorcys-static.ewg.org/skindeep_rails/ 468 B
490 B 36ms
33ms Image
image/svg+xml 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/header-menu-7c64c5e393304161a61095476132739dcd9543504f5c57767fc325ff10eb3f06.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c64c5e393304161a61095476132739dcd9543504f5c57767fc325ff10eb3f06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 592740
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EMBKWDZ8J548PS4C
x-amz-id-2: fYEt2nvv+eT687n6PF1zvC+E4F5cOwkmvOf+hpCjEP65FhnoKOdS4Inuw8JVRug4MlUDLlbfYqs=
last-modified: Fri, 01 Dec 2017 16:22:03 GMT
server: cloudflare
etag: W/"e2cc28ac4bd681a80e941a499057fedd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31557600
cf-ray: 6b3a5c5b6c52701b-FRA
expires: Sat, 01 Dec 2018 22:22:02 GMT

GET
H2 200 close-black-069bc33438b91d0069d9b0eeaea165c081bd2d3f2314fb1366786add13b4504b.svg
phorcys-static.ewg.org/skindeep_rails/ 599 B
683 B 41ms
39ms Image
image/svg+xml 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/close-black-069bc33438b91d0069d9b0eeaea165c081bd2d3f2314fb1366786add13b4504b.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 069bc33438b91d0069d9b0eeaea165c081bd2d3f2314fb1366786add13b4504b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 592740
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EMBSHP85448F2J1X
x-amz-id-2: sKgTJy2eKnpLfxFZUnZL5Gs7AO4dI1IE66axnapqSoWwqbGI8BA3mDQ/YRSdpoA0/u0hOzL0BWA=
last-modified: Wed, 23 Oct 2019 17:37:08 GMT
server: cloudflare
etag: W/"16c1b5bc1d7948132a0fe6a7c2b99057"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31557600
cf-ray: 6b3a5c5b6c53701b-FRA
expires: Thu, 22 Oct 2020 23:37:07 GMT

GET
H2 200 plus-19e009118ac3179c7cd9f83a2b1c9623f4eea2ccf8dfd3105c6c3fb615ac072c.svg
phorcys-static.ewg.org/skindeep_rails/ 387 B
441 B 41ms
39ms Image
image/svg+xml 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/plus-19e009118ac3179c7cd9f83a2b1c9623f4eea2ccf8dfd3105c6c3fb615ac072c.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19e009118ac3179c7cd9f83a2b1c9623f4eea2ccf8dfd3105c6c3fb615ac072c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 592740
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EMBNX09R97J5KP7B
x-amz-id-2: 0zcHfoEQ3sJ4xXS4uXTevAJf4f9k2WDPfhYoONQzu6zqafYS2WCd53wkA1g8cQAn5eEyzu7d2Y4=
last-modified: Fri, 01 Dec 2017 16:22:01 GMT
server: cloudflare
etag: W/"1dc2967d999d9f87454c1a0bd3be1d6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31557600
cf-ray: 6b3a5c5b6c55701b-FRA
expires: Sat, 01 Dec 2018 22:22:00 GMT

GET
H2 200 minus-b38527e810dde501e66666fde1aded193fd7fb44f52918a10150dcf1165296f8.svg
phorcys-static.ewg.org/skindeep_rails/ 305 B
513 B 51ms
48ms Image
image/svg+xml 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/minus-b38527e810dde501e66666fde1aded193fd7fb44f52918a10150dcf1165296f8.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38527e810dde501e66666fde1aded193fd7fb44f52918a10150dcf1165296f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 592740
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EMBJ1W944199W9BY
x-amz-id-2: Bw71+0n6P1cjw0DLk4PtBPqTGvbdbcBf8r8eIktgUA7W/6a3OOMvaG4Z7aZXAxMndVbirpbmCc8=
last-modified: Fri, 01 Dec 2017 16:21:55 GMT
server: cloudflare
etag: W/"920feada9637580f1bedebc47c2ce3ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31557600
cf-ray: 6b3a5c5b6c58701b-FRA
expires: Sat, 01 Dec 2018 22:21:54 GMT

GET
H3 200 ewg-verified-white-f8aeac4e914652a3bd33be1ad8f09682ac64ea3a18b3338c52d7e354f43a3c6e.svg
phorcys-static.ewg.org/skindeep_rails/ 8 KB
3 KB 59ms
56ms Image
image/svg+xml 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/ewg-verified-white-f8aeac4e914652a3bd33be1ad8f09682ac64ea3a18b3338c52d7e354f43a3c6e.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8aeac4e914652a3bd33be1ad8f09682ac64ea3a18b3338c52d7e354f43a3c6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 592731
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7V81T477C1V6EDN8
x-amz-id-2: TYB31DRRTXtke2g1S8930XiUJf5f6ey8ll0P5Z5xxFd4Y8H43hMn0HzHM70Y2TCyd5IKYmqQaIg=
last-modified: Wed, 16 Oct 2019 13:56:33 GMT
server: cloudflare
etag: W/"07ce8a031a23ad176d26bc69c6a06e48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31557600
cf-ray: 6b3a5c5baa9d0625-FRA
expires: Thu, 15 Oct 2020 19:56:32 GMT

GET
H3 200 healthynest-logo-white-cdf1d2ae009da38395cbecaf9fe719ef5c6d8d1de7b95ff2dd6b510384ddeed6.png
phorcys-static.ewg.org/skindeep_rails/ 7 KB
7 KB 66ms
63ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/healthynest-logo-white-cdf1d2ae009da38395cbecaf9fe719ef5c6d8d1de7b95ff2dd6b510384ddeed6.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d014917a20fa24c355d8ae7bf0d77f7bd92961ee103b38f059afee144f21ddea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 592731
cf-polished: origFmt=png, origSize=16763
content-disposition: inline; filename="healthynest-logo-white-cdf1d2ae009da38395cbecaf9fe719ef5c6d8d1de7b95ff2dd6b510384ddeed6.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7V87E4GQVEYD681M
x-amz-id-2: qtWlO60O5GZSv5hZvMSzUnEx3D/YGA1FaOvF6+2umiVizjOjU0mmEyd/pp2KLAd4cB+/Bg9bfZM=
accept-ranges: bytes
last-modified: Mon, 05 Apr 2021 13:31:25 GMT
server: cloudflare
etag: "ebf0d46b7001afd4ecad4accdd16cc52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31557600
content-length: 7002
cf-ray: 6b3a5c5baaa00625-FRA
expires: Tue, 05 Apr 2022 19:31:24 GMT

GET
H3 200 research-magnify-d72099aff5844bb616127eeb41b61b28c273122cb4cb5a45cb59325d4ad97cfc.svg
phorcys-static.ewg.org/skindeep_rails/ 616 B
818 B 60ms
57ms Image
image/svg+xml 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/research-magnify-d72099aff5844bb616127eeb41b61b28c273122cb4cb5a45cb59325d4ad97cfc.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d72099aff5844bb616127eeb41b61b28c273122cb4cb5a45cb59325d4ad97cfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 592731
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7V8404FMPD17KNYN
x-amz-id-2: LzqFs3O3olGzhjoYbpXOBusqJczz/FCM4TDfJl8pp8coPvv+GkiPSE+dxtkuzl0djaqvyWlWeqA=
last-modified: Fri, 05 Oct 2018 13:41:37 GMT
server: cloudflare
etag: W/"b1942c45fd26854683ed5786820a4c4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31557600
cf-ray: 6b3a5c5baaa20625-FRA
expires: Sat, 05 Oct 2019 19:41:36 GMT

GET
H3 200 research-PGSkinDeepHP-45db240b4fcf5c91eb354bfd3978cf036a2621661ee1b811bdd0c8deab2eb052.jpg
phorcys-static.ewg.org/skindeep_rails/ 1 KB
2 KB 66ms
63ms Image
image/jpeg 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/research-PGSkinDeepHP-45db240b4fcf5c91eb354bfd3978cf036a2621661ee1b811bdd0c8deab2eb052.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9863eca6e490b3ede1c4bdf8e9fc216ed15b2a23e925af704a50bcf7f300bc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 592731
cf-polished: degrade=85, origSize=6634, status=webp_bigger
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7V846T6KGKEQZYA5
x-amz-id-2: BAO2yuhq3WGK6ncTKB8nNfhHxpj0sQqV3nVhij/ejVMCa3OyVbGx8vipzkUxSuXxfi/ifEJofis=
accept-ranges: bytes
last-modified: Fri, 05 Oct 2018 13:41:37 GMT
server: cloudflare
etag: "ba3e4280dab238bd01a25e8c23075b95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31557600
content-length: 1502
cf-ray: 6b3a5c5baaa30625-FRA
expires: Sat, 05 Oct 2019 19:41:36 GMT

GET
H3 200 research-TeflonSkinDeepHP-da702bb160a23eacedf3988568613cc524851c153e6119f6254b0d637bcd95bd.png
phorcys-static.ewg.org/skindeep_rails/ 7 KB
8 KB 59ms
56ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/research-TeflonSkinDeepHP-da702bb160a23eacedf3988568613cc524851c153e6119f6254b0d637bcd95bd.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dd7605b43e128f4a23bd876295fdd57b739a73453dd9e87c07189283a470dfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 592731
cf-polished: origFmt=png, origSize=10417
content-disposition: inline; filename="research-TeflonSkinDeepHP-da702bb160a23eacedf3988568613cc524851c153e6119f6254b0d637bcd95bd.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7V80BDR2VQGAAZ7N
x-amz-id-2: JpqLXc1W31aEEWwuEbVBsUp0mViHLsjC6kNfMBPGS5tOq3bWmhf0otZJ/6mZDohyq05Xldc5GHw=
accept-ranges: bytes
last-modified: Fri, 05 Oct 2018 13:41:37 GMT
server: cloudflare
etag: "a094547f7971cb59585b1e8920e4db8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31557600
content-length: 7474
cf-ray: 6b3a5c5baaa60625-FRA
expires: Sat, 05 Oct 2019 19:41:36 GMT

GET
H3 200 research-BWCSkinDeepHP-809346adf32f1dfa4980672becc8ff867ffbb01b53e6fa31d1b23b759b6a9c73.png
phorcys-static.ewg.org/skindeep_rails/ 5 KB
6 KB 65ms
61ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/research-BWCSkinDeepHP-809346adf32f1dfa4980672becc8ff867ffbb01b53e6fa31d1b23b759b6a9c73.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 933bb4527575f8840282dd8f20e7f8d4eaa2ef1bc682ac9dd79d96cd81537ff9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 234699
cf-polished: origFmt=png, origSize=8998
content-disposition: inline; filename="research-BWCSkinDeepHP-809346adf32f1dfa4980672becc8ff867ffbb01b53e6fa31d1b23b759b6a9c73.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BGJR4G593GY11TEZ
x-amz-id-2: ZmN3Z7N7JEFOkCCuCIy9u0EWISp90h2+fUg+y/tCPp0L7mfMcFJpVpd4l625kMRCUBiFt3Z3Jd4=
accept-ranges: bytes
last-modified: Fri, 05 Oct 2018 13:41:37 GMT
server: cloudflare
etag: "c697c4084501fe514b50128a9832810b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31557600
content-length: 5388
cf-ray: 6b3a5c5baaa70625-FRA
expires: Sat, 05 Oct 2019 19:41:36 GMT

GET
H3 200 research-UnileverSkinDeepHP-996eaaa65446815ecd56497e8be055beb6e7f1da8dbd50b18e300223ac5e6b7a.png
phorcys-static.ewg.org/skindeep_rails/ 6 KB
6 KB 60ms
57ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/research-UnileverSkinDeepHP-996eaaa65446815ecd56497e8be055beb6e7f1da8dbd50b18e300223ac5e6b7a.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7482894ecd8e63a41f552adbed383435bbd3c98afed18b426200ce53333e557

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 592731
cf-polished: origFmt=png, origSize=9617
content-disposition: inline; filename="research-UnileverSkinDeepHP-996eaaa65446815ecd56497e8be055beb6e7f1da8dbd50b18e300223ac5e6b7a.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7V890HS7CF8NWBKE
x-amz-id-2: ojKi/JyHz9kP4SzrJl4asjbNCHZJY1YaDeRR1rpnQcJr8C+CygxjImaDznooWjWrUTLCWN+gRyU=
accept-ranges: bytes
last-modified: Fri, 05 Oct 2018 13:41:39 GMT
server: cloudflare
etag: "4c1ea4fccea2cfdf50a71bcdc55a7667"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31557600
content-length: 5894
cf-ray: 6b3a5c5baaaa0625-FRA
expires: Sat, 05 Oct 2019 19:41:38 GMT

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 827 KB
234 KB 35ms
7ms Script
application/javascript 2600:9000:2156:800:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 967d1593d85f590d30ae1d96e2555fe0abe98a6088ac82f34b6f4bd9fc0507b1

Request headers

Referer: https://www.ewg.org/skindeep/
Origin: https://www.ewg.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:32:48 GMT
content-encoding: gzip
age: 69927
x-cache: Hit from cloudfront
content-length: 238998
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 15:32:19 GMT
server: AmazonS3
etag: "09591c5ffa5ee16e7b05af108573f47c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 1HMTgsykxssjBfXOVnobv4Z-Q3Y_EwoQK6wBn-icaw81ZGMHeoZX6w==

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 111 KB
21 KB 35ms
7ms Stylesheet
text/css 2600:9000:2156:800:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2eb969816b021169af5e58f6e90175ea3619d63c707d92afd22ddc16d15527cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:32:48 GMT
content-encoding: gzip
age: 69927
x-cache: Hit from cloudfront
content-length: 20669
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 15:32:19 GMT
server: AmazonS3
etag: "afb30299e4269038ebb2ae9d3ae9a733"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: EneMQkQRwD3FGBlZXnDR--6p9z4KqAc4CD9C_YC0lskeHBke1LUItw==

GET
H3 200 SD_FoodScores-Img_C03-3a423e5bcbb48385ea314973ba5784c19caf680f2c339cfc3b93ea698b4128ac.jpg
phorcys-static.ewg.org/skindeep_rails/ 29 KB
29 KB 72ms
67ms Image
image/jpeg 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/SD_FoodScores-Img_C03-3a423e5bcbb48385ea314973ba5784c19caf680f2c339cfc3b93ea698b4128ac.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a423e5bcbb48385ea314973ba5784c19caf680f2c339cfc3b93ea698b4128ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 592741
cf-polished: status=not_needed
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EMBNWGGE1Q585S7Y
x-amz-id-2: ohchHI3dq7WLXbfE+lp7GJxfyyIa4UU/jgDfmCkaJyIKUGni0acjK4MTq32ttB6qZTk6nOzl8Fg=
accept-ranges: bytes
last-modified: Wed, 16 Oct 2019 15:55:48 GMT
server: cloudflare
etag: "eaca7b575712aa3e85d2dae012ca4397"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31557600
content-length: 29347
cf-ray: 6b3a5c5baaac0625-FRA
expires: Thu, 15 Oct 2020 21:55:47 GMT

GET
H3 200 SD_Cleaners-Img_C02-20bee61f116cca750a6360cc9bfeb7aef0b8cb369b767194e616b743065320ec.jpg
phorcys-static.ewg.org/skindeep_rails/ 35 KB
36 KB 65ms
60ms Image
image/jpeg 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/SD_Cleaners-Img_C02-20bee61f116cca750a6360cc9bfeb7aef0b8cb369b767194e616b743065320ec.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f12733a6c38b7b68342353522af5c0fcbbf9bb9a28f39ed203513bd7876f6d55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 592741
cf-polished: origSize=36328, status=webp_bigger
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EMBJTYS5CKAXZ9ZM
x-amz-id-2: 3/PKsLgIASsdSsjFFHYhi5RzE6bXlN0sdO2DNc0iTcysAcDf2TW4p8FPweDCB397suXMzf/P3dM=
accept-ranges: bytes
last-modified: Wed, 16 Oct 2019 15:55:47 GMT
server: cloudflare
etag: "1bc61c185755cc25804d0412e4a21a8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31557600
content-length: 36319
cf-ray: 6b3a5c5baaae0625-FRA
expires: Thu, 15 Oct 2020 21:55:46 GMT

GET
H3 200 SD_Sunscreens-Img-7baffe965b4b3560807a8dda1d9471870d09300f7892d15979b463d2aa7a1c49.jpg
phorcys-static.ewg.org/skindeep_rails/ 29 KB
30 KB 73ms
68ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/SD_Sunscreens-Img-7baffe965b4b3560807a8dda1d9471870d09300f7892d15979b463d2aa7a1c49.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc4752775f5c65a15c50f2d30a96ac825fbd720f238c19c794339cf512bc035d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 592741
cf-polished: qual=85, origFmt=jpeg, origSize=55978
content-disposition: inline; filename="SD_Sunscreens-Img-7baffe965b4b3560807a8dda1d9471870d09300f7892d15979b463d2aa7a1c49.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EMBPGPWSFBQ68KWK
x-amz-id-2: 0gNXZkqzv1CtmqTXzEtnJu5m84a0d42q2I6xyvAAICtNdvAoA/wThiZUymh/0LWYMW2brSHS8KU=
accept-ranges: bytes
last-modified: Wed, 16 Oct 2019 13:56:32 GMT
server: cloudflare
etag: "932e9423e47de6735886af7709ac4d8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31557600
content-length: 29944
cf-ray: 6b3a5c5baab20625-FRA
expires: Thu, 15 Oct 2020 19:56:31 GMT

GET
H3 200 carousel-ewg-verified-ee162012b2d9ff44cafba329a6e42eea0f33271fca8971460ea0aa55dd3197e0.jpg
phorcys-static.ewg.org/skindeep_rails/ 15 KB
16 KB 62ms
57ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/carousel-ewg-verified-ee162012b2d9ff44cafba329a6e42eea0f33271fca8971460ea0aa55dd3197e0.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce0e516fe9a9b0bd7734e7e9de25e52b635e2c4440bc8c0072c7ab821c0149a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 592741
cf-polished: qual=85, origFmt=jpeg, origSize=28225
content-disposition: inline; filename="carousel-ewg-verified-ee162012b2d9ff44cafba329a6e42eea0f33271fca8971460ea0aa55dd3197e0.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EMBH6TJA4Y58WX23
x-amz-id-2: HRxkx2kWpvHg949o90SEpNGoP+ZhFww6+OaVieRjyCMVzsiW3ShW5DHxmA68jA9PzEUUVZhPb78=
accept-ranges: bytes
last-modified: Tue, 28 Aug 2018 22:28:00 GMT
server: cloudflare
etag: "6769eaba8882ed8d9218396a74126ad9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31557600
content-length: 15510
cf-ray: 6b3a5c5baab40625-FRA
expires: Thu, 29 Aug 2019 04:27:59 GMT

GET
H3 200 SD_HealthyLiv-Img_C02-9afc012352d7e03e73cd4574c48eeafb82e0e3317cf5daeb05b57deafe06320a.jpg
phorcys-static.ewg.org/skindeep_rails/ 27 KB
27 KB 81ms
76ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/SD_HealthyLiv-Img_C02-9afc012352d7e03e73cd4574c48eeafb82e0e3317cf5daeb05b57deafe06320a.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1905d26a35fbd5d1cc0e4099c3cc78191b783da1b65e1fde5bd387f238b4ce94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 232145
cf-polished: qual=85, origFmt=jpeg, origSize=27822
content-disposition: inline; filename="SD_HealthyLiv-Img_C02-9afc012352d7e03e73cd4574c48eeafb82e0e3317cf5daeb05b57deafe06320a.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: AK7TEDVHAS4FGEDA
x-amz-id-2: Jjdk/MnrwF2Y5HZ4KLMgxR042ry+52HVcnztaGiVZiRyOyIPNxmnkbXWc1+d2cuDB0+QwD1UV/4=
accept-ranges: bytes
last-modified: Wed, 16 Oct 2019 15:55:47 GMT
server: cloudflare
etag: "1796bebbf0c115a7e1b231e10c2d832a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31557600
content-length: 27140
cf-ray: 6b3a5c5baab70625-FRA
expires: Thu, 15 Oct 2020 21:55:46 GMT

GET
H3 200 carousel-pesticides-53d0e27eda12275d463237aea7b1048c62d73c5442fcbbe06d3952b90bca2ed0.jpg
phorcys-static.ewg.org/skindeep_rails/ 32 KB
32 KB 132ms
126ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/carousel-pesticides-53d0e27eda12275d463237aea7b1048c62d73c5442fcbbe06d3952b90bca2ed0.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a46db86d408da6ade237e945d2a6e0f635d1d18622fd04d9228a9ab2049c90a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 592741
cf-polished: qual=85, origFmt=jpeg, origSize=36852
content-disposition: inline; filename="carousel-pesticides-53d0e27eda12275d463237aea7b1048c62d73c5442fcbbe06d3952b90bca2ed0.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EMBTYK2K524RW6FG
x-amz-id-2: Ys+U5RfnNOWWuJGZFVnogMCvgd+6ICP5GUCFLP5+dOniZ55SeDibjHI4jC2LloGnDbcISAPmoHc=
accept-ranges: bytes
last-modified: Tue, 28 Aug 2018 22:28:00 GMT
server: cloudflare
etag: "5598d3022bd0dc06ab2e6aa3057f4fcb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31557600
content-length: 32540
cf-ray: 6b3a5c5baabb0625-FRA
expires: Thu, 29 Aug 2019 04:27:59 GMT

GET
H2 200 HL-App-PopUp_C02.jpg
static.ewg.org/reports/2017/sunscreens/img/ 27 KB
28 KB 86ms
77ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/reports/2017/sunscreens/img/HL-App-PopUp_C02.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49a020f82b17a6a6542563ac67191ea3a75defc3d45336309b0d2c20b885a372

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 1899
cf-polished: qual=85, origFmt=jpeg, origSize=103716
content-disposition: inline; filename="HL-App-PopUp_C02.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: J86VYVEJFTCHSBDX
x-amz-id-2: zlmGggIR1dsSeEUknU9IUbSxe1wCceluWyephPVsCy1KW+3NP2uKE0J5TOyKEy13KO8RqhWv45g=
accept-ranges: bytes
last-modified: Mon, 09 Apr 2018 16:48:35 GMT
server: cloudflare
etag: "0fa166cd919b3631f0fa5dd1995173e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
x-amz-version-id: null
content-length: 27784
cf-ray: 6b3a5c5b7c78701b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 EWG_Logo_White.png
static.ewg.org/reports/2017/tap-water/img/ 9 KB
9 KB 42ms
42ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/reports/2017/tap-water/img/EWG_Logo_White.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6a593ed349f8afe1533a957cc9d82cd7453bee687835b2700a606711de306c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
cf-cache-status: HIT
age: 4275
cf-polished: origFmt=png, origSize=35151
content-disposition: inline; filename="EWG_Logo_White.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 02T5E5C9XPEHZNZS
x-amz-id-2: bf02V0lZl3d3ASus3hdOs9OqT4RSR6+ba7ted4MnU9iPK+H815XsS5FS67HI54splwjWYotCM6E=
accept-ranges: bytes
last-modified: Thu, 20 Jul 2017 19:56:47 GMT
server: cloudflare
etag: "7476810b5f83734fac9d6286180bd9bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
x-amz-version-id: null
content-length: 8828
cf-ray: 6b3a5c5b8c96701b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 EWG-logo-white-400.png
static.ewg.org/reports/2017/tap-water/img/ 10 KB
11 KB 42ms
42ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/reports/2017/tap-water/img/EWG-logo-white-400.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bb7b510fdc83ec64e533c3840348193fda7e2ea08c205b27b46bbfe8092bdbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
cf-cache-status: HIT
age: 4290
cf-polished: origFmt=png, origSize=38669
content-disposition: inline; filename="EWG-logo-white-400.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: A7ATJ9J1VNHSGBYC
x-amz-id-2: Ge96z1TKbjS+RNnLxhLRpICq+bAZOD68BN+WMfJgZst1ys6UxiM3psvBeffkomXUwD4ktmrUJNI=
accept-ranges: bytes
last-modified: Thu, 20 Jul 2017 20:44:48 GMT
server: cloudflare
etag: "62ed055244f280a7e111b40f8f6e44dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
x-amz-version-id: null
content-length: 10642
cf-ray: 6b3a5c5b8c97701b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 rocket-loader.min.js Show response
www.ewg.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 13ms
12ms Script
application/javascript 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 17:32:49 GMT
server: cloudflare
etag: W/"619bd441-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6b3a5c5b6a330625-FRA
vary: Accept-Encoding
expires: Sat, 27 Nov 2021 10:58:14 GMT

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ 13 KB
5 KB 74ms
52ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://www.ewg.org/skindeep/
Origin: https://www.ewg.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b3a5c5bca22691f-FRA

GET
H3 200 css
fonts.googleapis.com/ 695 B
367 B 31ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Economica

Requested by

Host: phorcys-static.ewg.org
URL: https://phorcys-static.ewg.org/skindeep_rails/application-8e0f5cbc6e6115c089736591dab058d021d1748f3d08efb7dc5b757c8264bf4c.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9caaa568a5b47fc914aa25d45b9a88d39ff8275806154ce34db7d57b7ab4dd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://phorcys-static.ewg.org/skindeep_rails/application-8e0f5cbc6e6115c089736591dab058d021d1748f3d08efb7dc5b757c8264bf4c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 10:08:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 10:58:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 10:58:15 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
24 KB 30ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Zilla+Slab+Highlight|Slabo+27px|Permanent+Marker|Open+Sans:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ewg.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:26:28 GMT
x-content-type-options: nosniff
age: 221507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 21:26:28 GMT

GET
H3 200 EWG_SD-App-Ad-2017-a1aeb3f1a9f809f7e9b0b66d79c23eff1ad48c3527eaf982c2f66e5dda2ef956.png
phorcys-static.ewg.org/skindeep_rails/ 138 KB
138 KB 52ms
51ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/EWG_SD-App-Ad-2017-a1aeb3f1a9f809f7e9b0b66d79c23eff1ad48c3527eaf982c2f66e5dda2ef956.png
Requested by: Host: phorcys-static.ewg.org
URL: https://phorcys-static.ewg.org/skindeep_rails/application-8e0f5cbc6e6115c089736591dab058d021d1748f3d08efb7dc5b757c8264bf4c.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a64e2327313e6ebd5bbacf97644219f49cdeeb357b2340f9a9c9337c682e211a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://phorcys-static.ewg.org/skindeep_rails/application-8e0f5cbc6e6115c089736591dab058d021d1748f3d08efb7dc5b757c8264bf4c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 592731
cf-polished: origFmt=png, origSize=165683
content-disposition: inline; filename="EWG_SD-App-Ad-2017-a1aeb3f1a9f809f7e9b0b66d79c23eff1ad48c3527eaf982c2f66e5dda2ef956.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7V80E6PA233MWZS3
x-amz-id-2: F5iJfLtZA1BYpLilsDClVj+aw+Vw83w4frmQr9bx+nFUysBIYf0RlsX8OiWP+BSaHgcP61yZxoE=
accept-ranges: bytes
last-modified: Fri, 01 Dec 2017 16:22:04 GMT
server: cloudflare
etag: "91cf73971f862636c000066a8006a42b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31557600
content-length: 141026
cf-ray: 6b3a5c5c0b930625-FRA
expires: Sat, 01 Dec 2018 22:22:03 GMT

GET
H3 200 EWG_ChildrensHealth-9af6373e79e6025af877f47d01ca74295d726b4f6611f8ffbb05323125569cd5.jpg
phorcys-static.ewg.org/skindeep_rails/ 22 KB
22 KB 50ms
50ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/EWG_ChildrensHealth-9af6373e79e6025af877f47d01ca74295d726b4f6611f8ffbb05323125569cd5.jpg
Requested by: Host: phorcys-static.ewg.org
URL: https://phorcys-static.ewg.org/skindeep_rails/application-8e0f5cbc6e6115c089736591dab058d021d1748f3d08efb7dc5b757c8264bf4c.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93e57b35638c58f456274e849ab3cd78c8d767d008c5292cfbe104195e490f95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://phorcys-static.ewg.org/skindeep_rails/application-8e0f5cbc6e6115c089736591dab058d021d1748f3d08efb7dc5b757c8264bf4c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 592731
cf-polished: qual=85, origFmt=jpeg, origSize=27230
content-disposition: inline; filename="EWG_ChildrensHealth-9af6373e79e6025af877f47d01ca74295d726b4f6611f8ffbb05323125569cd5.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7V84DQTZ7K6E5RHQ
x-amz-id-2: VQuyeyPZ2KVMOAcLmwV+chx1URhzeSxE6yYoPGjeHDx8rMhoS75rIOEJn3Dn8X0EguMc/V5XCAg=
accept-ranges: bytes
last-modified: Fri, 05 Oct 2018 13:41:38 GMT
server: cloudflare
etag: "faadf9cc0265810fbbabb675ccf9db4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31557600
content-length: 22358
cf-ray: 6b3a5c5c0b950625-FRA
expires: Sat, 05 Oct 2019 19:41:37 GMT

GET
H3 200 SD_New_TapWater-Ad-43f7cac9a9ce700ae1b689cb1684aed9d5ca9369d823714dbfdee0b8dbe9f5db.png
phorcys-static.ewg.org/skindeep_rails/ 147 KB
148 KB 32ms
31ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/SD_New_TapWater-Ad-43f7cac9a9ce700ae1b689cb1684aed9d5ca9369d823714dbfdee0b8dbe9f5db.png
Requested by: Host: phorcys-static.ewg.org
URL: https://phorcys-static.ewg.org/skindeep_rails/application-8e0f5cbc6e6115c089736591dab058d021d1748f3d08efb7dc5b757c8264bf4c.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc01c64a3730a7d5c7edc33769a6dbeac72629a16fb24a90b69db2a5a7e31677

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://phorcys-static.ewg.org/skindeep_rails/application-8e0f5cbc6e6115c089736591dab058d021d1748f3d08efb7dc5b757c8264bf4c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 592731
cf-polished: origFmt=png, origSize=170151
content-disposition: inline; filename="SD_New_TapWater-Ad-43f7cac9a9ce700ae1b689cb1684aed9d5ca9369d823714dbfdee0b8dbe9f5db.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7V899HDSWVDWM9A9
x-amz-id-2: w0sM33WdJD0t1TQ0kY89yjuGYLd2U/N6ljLy8BxdURA1UqrJI2hdTxAVd73o1lXz7JMaugrewcc=
accept-ranges: bytes
last-modified: Fri, 18 Oct 2019 20:28:40 GMT
server: cloudflare
etag: "ea5c27d31ae6d5c44f3d2a8712414eac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31557600
content-length: 151034
cf-ray: 6b3a5c5c0b970625-FRA
expires: Sun, 18 Oct 2020 02:28:39 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 33ms
16ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Zilla+Slab+Highlight|Slabo+27px|Permanent+Marker|Open+Sans:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ewg.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 02:43:26 GMT
x-content-type-options: nosniff
age: 116089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 02:43:26 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 23ms
11ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Zilla+Slab+Highlight|Slabo+27px|Permanent+Marker|Open+Sans:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ewg.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:27:49 GMT
x-content-type-options: nosniff
age: 541826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 04:27:49 GMT

GET
H3 200 fontawesome-webfont.woff2
static.ewg.org/fonts/ 75 KB
76 KB 143ms
129ms Font
application/octet-stream 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ewg.org/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: phorcys-static.ewg.org
URL: https://phorcys-static.ewg.org/skindeep_rails/application-8e0f5cbc6e6115c089736591dab058d021d1748f3d08efb7dc5b757c8264bf4c.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://phorcys-static.ewg.org/
Origin: https://www.ewg.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 1934
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: MHV976J4KV4DBVTC
x-amz-id-2: +nZPRRml/hDCG6N01znRtxLn1hU9jsObj51EfaWP8uAyUzL/yXTvWWCAsgvlOjSHAu38G+3ck+I=
accept-ranges: bytes
last-modified: Fri, 01 Dec 2017 17:06:13 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.ewg.org
cache-control: max-age=2073600
access-control-allow-credentials: true
x-amz-version-id: null
content-length: 77160
cf-ray: 6b3a5c5c2f614eb5-FRA

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 60ms
37ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 25 Nov 2021 10:58:15 GMT
x-host: s7.addthis.com
content-length: 116382

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 48ms
22ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=ddae71b0-53e4-4646-9859-d51edea50265

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 6BEK968C0FJD9VY0
x-amz-id-2: EhFBfPrBL1qCfq6WfDKB/2I1Ba+lGOPlMeKTiniZTgERrqBU3wnlkZYQ2wmYJcAGdQdT3OqWA9E=
last-modified: Wed, 09 Jun 2021 00:08:59 GMT
server: cloudflare
etag: W/"cc904f41324148b571599b3b02fdec0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gy0GMkscxpjYDvOMLKyXIoax%2BkvW4zZKCiVX4AKDCEDm0IwIxu4yD%2FwsFIOWmbkKzHbLxm3S0ZVIR7obvG5m6M%2F3ex4%2FI39W%2B5cydtxV2eaomKG%2BcL7dQp0XGYqhblBlu2mmvsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: VFukQxfz8SFs4LT0u8yzm_CAm2zq09sT
cf-ray: 6b3a5c5c8fd5690a-FRA

GET
H3 200 application-cf1e044ecd3a63e7a8cd5e4d642ed475a550f552beb363511e7963e508dd75db.js Show response
phorcys-static.ewg.org/skindeep_rails/ 194 KB
61 KB 31ms
30ms Script
application/javascript 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://phorcys-static.ewg.org/skindeep_rails/application-cf1e044ecd3a63e7a8cd5e4d642ed475a550f552beb363511e7963e508dd75db.js
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0be0a73502696f9582887c3269b2d6adb4a1fe505189b2f00a720ccd78a4c1db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 592782
cf-polished: origSize=198552
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: P1K2Y9TAKK2Z0FN4
x-amz-id-2: slXjvDFu5IhJXflMRNJKYL/viod9NwvBhrm21tpHpFr2+zndaH1p1jc3QUfgk87vwhjrkPvq984=
last-modified: Mon, 01 Mar 2021 19:33:15 GMT
server: cloudflare
etag: W/"73bff0be9eeb59c476ccab3ea40a9031"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
cf-ray: 6b3a5c5c5c390625-FRA
expires: Wed, 02 Mar 2022 01:33:14 GMT

POST
H3 204 result Show response
www.ewg.org/cdn-cgi/bm/cv/ 0
449 B 12ms
12ms XHR
text/plain 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ewg.org/cdn-cgi/bm/cv/result?req_id=6b3a5c5a59ba701b
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ewg.org/skindeep/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
server: cloudflare
cf-ray: 6b3a5c5d0d720625-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 212 KB
71 KB 52ms
31ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b2edf205504b3d3526228e755a6e6d8ded4d8f08b8356d60ecbe9c5d58d986c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72165
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Nov 2021 10:58:15 GMT

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 827 KB
234 KB 7ms
7ms Script
application/javascript 2600:9000:2156:800:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 967d1593d85f590d30ae1d96e2555fe0abe98a6088ac82f34b6f4bd9fc0507b1

Request headers

Referer: https://www.ewg.org/skindeep/
Origin: https://www.ewg.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:32:48 GMT
content-encoding: gzip
age: 69928
x-cache: Hit from cloudfront
content-length: 238998
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 15:32:19 GMT
server: AmazonS3
etag: "09591c5ffa5ee16e7b05af108573f47c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: m_DEG5SfF5Jh63o-d0qwyL8xzMJ7MdjMNAGzdMN7g4CcSuwZ-AGIUQ==

GET
H2 200 identity Show response
profile.ngpvan.com/ 72 B
1 KB 446ms
404ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

dc0af7c7484b805bdd8d1f28e8a9d423ee920bf490114129c0c755af290b932f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo: 3-66929174-66929176 NNNN CT(-1 -1 2) RT(1637837895121 0) q(0 0 3 0) r(4 4) U5
x-cdn: Imperva
content-type: text/javascript; charset=utf-8
content-length: 193
etag: W/"48-zXtiYGk56ODtawZ40du6H0RM8t8"
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
42 KB 59ms
45ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f72117e611b8f7e7a3aac02f8735a20b3f5dd8710d01c034c1289edb82ca0251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43222
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Nov 2021 10:58:15 GMT

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 93 KB
16 KB 7ms
7ms Stylesheet
text/css 2600:9000:2156:800:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab7d6a00ed144388c18ab2aa2af38b75498734abf2ac3e407dba3c01c5f0510c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 13:51:06 GMT
content-encoding: gzip
age: 76030
x-cache: Hit from cloudfront
content-length: 15867
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 15:32:19 GMT
server: AmazonS3
etag: "7a24d1be4710bc30d71b2f96b20997b0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: SuqUDmLwXnRFED3HME_95bThyrl03KI7q8211VwPOa4zfas9vNq28g==

GET
H/1.1 200
OK AC2nt8erbFu3svSWxmyTZr1b.js Show response
js2.verygoodvault.com/vgs-collect/1/ 76 KB
24 KB 63ms
9ms Script
application/javascript 2600:9000:2156:6600:14:79be:a380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js2.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:14:79be:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: s108w9ESk9MsUpkYVuIVY.XmC2guOF28
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 24 Apr 2020 20:22:27 GMT
Server: AmazonS3
Age: 40
ETag: W/"9b953aa54ddcf3f41bc5a40e25cf8452"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Thu, 25 Nov 2021 10:57:46 GMT
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 3B1dFINEpgUrXN_5ITNMXv5QReKTbiNB92xBnOUzpdfCMFrGZ8jwMw==

GET
H/1.1 200
OK gMjcaaeQ-0e6o3ILAo_yrw2 Show response
actions.everyaction.com/v1/Forms/ 12 KB
6 KB 210ms
168ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://actions.everyaction.com/v1/Forms/gMjcaaeQ-0e6o3ILAo_yrw2

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9469eff73ae5811f36972e1bebd2c124ceb5789751dc82d116309b51745edd40

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ewg.org/skindeep/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
X-Iinfo: 3-66929184-66926739 2NNN RT(1637837895162 10) q(0 0 0 4) r(2 2)
Content-Length: 4238
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
X-Frame-Options: SAMEORIGIN
Date: Thu, 25 Nov 2021 10:58:14 GMT
Vary: Origin,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ewg.org
Access-Control-Expose-Headers: Request-Context
Cache-Control: public, max-age=10
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:

GET
H/1.1 200
OK dMOFRtWCQkCiIrGVS0TCFw2 Show response
actions.everyaction.com/v1/Forms/ 12 KB
6 KB 169ms
132ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://actions.everyaction.com/v1/Forms/dMOFRtWCQkCiIrGVS0TCFw2

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bdafc3c34e2a25a4d2a978594c660949dfc6d0e7833b3750b4427d1f72ba101f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ewg.org/skindeep/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
X-Iinfo: 2-43126072-43124657 2NNN RT(1637837895162 9) q(0 0 0 2) r(1 1)
Content-Length: 4232
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
X-Frame-Options: SAMEORIGIN
Date: Thu, 25 Nov 2021 10:58:15 GMT
Vary: Origin,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ewg.org
Access-Control-Expose-Headers: Request-Context
Cache-Control: public, max-age=10
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 46ms
14ms Script
text/javascript 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1117
date: Thu, 25 Nov 2021 10:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Thu, 25 Nov 2021 12:39:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7028
date: Thu, 25 Nov 2021 09:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 25 Nov 2021 11:01:07 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 50ms
27ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14378
x-xss-protection: 0
server: cafe
etag: 684346926396516684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:58:15 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 58ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: gzip
last-modified: Sat, 13 Nov 2021 03:55:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D24CC947B74E4879864465717AE525C0 Ref B: FRAEDGE1419 Ref C: 2021-11-25T10:58:15Z
etag: "80dc6f5342d8d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10451

GET
H/1.1 200
OK at.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 827 KB
234 KB 47ms
18ms Script
application/javascript 143.204.101.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-152.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 455c34b8cc706de7bca628c9ec199c132fe0639e72fcc3bdf65d102bc0262420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 15:32:34 GMT
Content-Encoding: gzip
Age: 69941
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 239005
Access-Control-Allow-Origin: *
Last-Modified: Tue, 23 Nov 2021 15:32:19 GMT
Server: AmazonS3
ETag: "ca5051011a7e1a821a081e50c7740a2d"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
Cache-Control: max-age=900, s-maxage=86400, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: AM9xkMeKqbUOXgWiKfzaTh4HBRabibk5U14PtlRQa7JPFOH6VuQLPw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: fbIm/UC9JZbvTEi6tCIl7JH31ElMINEEJVlYDy4bldhFjKqQDCGhHTlWrqjXWubieLEiK5e7to8rb2J8IwntlQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 25 Nov 2021 10:58:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 22ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=57443
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 ddae71b0-53e4-4646-9859-d51edea50265 Show response
ekr.zdassets.com/compose/ 350 B
980 B 200ms
175ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/ddae71b0-53e4-4646-9859-d51edea50265

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ddae71b0-53e4-4646-9859-d51edea50265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0d66d060c0cfe08754ff524315a23eac7d6a67847886f795d666677dabaf473

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: 7ff7228a-b06d-4bde-a465-e01029ab997b
x-runtime: 0.002347
server: cloudflare
etag: W/"a0d66d060c0cfe08754ff524315a23ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxJjlyblDWfcbyaJHCuF5V7QjQqYphm%2FbvVbSQjRcvsrKcO%2F6a53pKtNISHjxFIRho9v11emn4TEbFLT5%2BY4L%2FYgV1FP7RI%2BpZRF3AksneVyA0vHp12mcLLp4TPLLKK5490%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6b3a5c5eedb46987-FRA

POST
H3 200 rum Show response
www.ewg.org/cdn-cgi/ 0
164 B 12ms
11ms XHR
text/plain 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ewg.org/skindeep/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.ewg.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6b3a5c5ec8cd0625-FRA
vary: Origin

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4e31767a3587c42e/ 254 B
371 B 55ms
52ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4e31767a3587c42e/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 79e59f1ee98e5b26faef53643753293a6faf3c12b5529d43f0d45f9d0025e788

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: gzip
etag: 1586729406
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=16, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 199

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 91 B
251 B 172ms
171ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=619f6c479dd97108&bkl=0&bl=3&pdt=547&sid=619f6c479dd97108&pub=ra-4e31767a3587c42e&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.ewg.org&fp=skindeep%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=1&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1637837895499&jsl=33&uvs=619f6c478bc692f3000&skipb=1&callback=addthis.cbs.jsonp__0299351897259239050
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44030b1c37925f65f6bb14441f5d6959623f5e1322aa5030b83d420d492d8162

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 10:58:15 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 91
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame DDE5 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 071D 71 KB
26 KB 17ms
17ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 25 Nov 2021 10:58:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7028
date: Thu, 25 Nov 2021 09:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 25 Nov 2021 11:01:07 GMT

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK dMOFRtWCQkCiIrGVS0TCFw2
actions.everyaction.com/v1/Track/ 0
939 B 425ms
425ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://actions.everyaction.com/v1/Track/dMOFRtWCQkCiIrGVS0TCFw2?formSessionId=35427228-11e0-4e92-bf64-79b1892e16f7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Imperva
Date: Thu, 25 Nov 2021 10:58:15 GMT
X-Frame-Options: SAMEORIGIN
X-Iinfo: 3-66929184-66929227 NNNN CT(95 208 0) RT(1637837895162 246) q(0 0 3 1) r(4 4) U2
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: -1

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 31ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-296149-25&cid=792241750.1637837896&jid=1262636463&gjid=1414103481&_gid=1463659336.1637837896&_u=YGBAiEABBAAAAE~&z=636217973

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewg.org/skindeep/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Nov 2021 10:58:15 GMT
content-type: text/plain
access-control-allow-origin: https://www.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1140475255&t=timing&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&ul=en-us&de=UTF-8&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utl=v1&utt=183&_u=YGDACEABBAAAAG~&jid=346861851&gjid=238335309&cid=792241750.1637837896&tid=UA-28243511-22&_gid=1463659336.1637837896&_r=1&gtm=2wgba15L2FSL&z=825427868

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewg.org/skindeep/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 10:58:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 21ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-28243511-23&cid=792241750.1637837896&jid=1572460152&gjid=524903263&_gid=1463659336.1637837896&_u=YGDAiEABBAAAAG~&z=731438034

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewg.org/skindeep/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Nov 2021 10:58:15 GMT
content-type: text/plain
access-control-allow-origin: https://www.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1140475255&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&ul=en-us&de=UTF-8&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAAG~&jid=1572460152&gjid=524903263&cid=792241750.1637837896&tid=UA-28243511-23&_gid=1463659336.1637837896&gtm=2wgba15L2FSL&cd4=1019241&cd2=ngpvan%3A%2F%2Fvan%2FEWG%2FEWG%2F1%2F71381&cd3=4532323&cd5=2020%20-%20%20Skin%20Deep%20Footer%20Embed%20PDF%20-%20Sign%20Up&cd6=dMOFRtWCQkCiIrGVS0TCFw2&z=129494534

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1140475255&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&ul=en-us&de=UTF-8&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SignupForm&ea=Form%20Load&el=Minimal&ev=4&_u=YGDAiEABBAAAAG~&jid=&gjid=&cid=792241750.1637837896&tid=UA-28243511-23&_gid=1463659336.1637837896&gtm=2wgba15L2FSL&cd4=1019241&cd2=ngpvan%3A%2F%2Fvan%2FEWG%2FEWG%2F1%2F71381&cd3=4532323&cd5=2020%20-%20%20Skin%20Deep%20Footer%20Embed%20PDF%20-%20Sign%20Up&cd6=dMOFRtWCQkCiIrGVS0TCFw2&z=75728198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1140475255&t=timing&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&ul=en-us&de=UTF-8&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utl=v1&utt=6&_u=YGDACEABBAAAAG~&jid=&gjid=&cid=792241750.1637837896&tid=UA-28243511-22&_gid=1463659336.1637837896&gtm=2wgba15L2FSL&z=1451790933

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 431673573640385 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 17ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/431673573640385?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4200e26c2ff2fc480078c8952ca44d0d2dcd2dec4d4902330a938518b4febefb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88923
x-xss-protection: 0
pragma: public
x-fb-debug: 3WxiqyB7dhXcplh1QnsVYBLHnytcMYZOtHT8Ed/4rxAQwUy2+NJKOLnItEHZan2S0dl/inzkOd4kNfA2/IRwrg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 25 Nov 2021 10:58:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1264094603&utmhn=www.ewg.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&utmhid=1140475255&utmr=-&utmp=%2Fskindeep%2F&utmht=1637837895653&utmac=UA-296149-9&utmcc=__utma%3D232508224.792241750.1637837896.1637837896.1637837896.1%3B%2B__utmz%3D232508224.1637837896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=129731143&utmredir=3&utmmt=1&utmu=qBAgAAAAAAAAAAAAAAABAAAE~

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Nov 2021 10:58:15 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=1618779840&utmhn=www.ewg.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&utmhid=1140475255&utmr=-&utmp=%2Fskindeep%2F&utmht=1637837895657&utmac=UA-296149-22&utmcc=__utma%3D232508224.792241750.1637837896.1637837896.1637837896.1%3B%2B__utmz%3D232508224.1637837896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1266597391&utmredir=3&utmmt=1&utmu=qBAgAAAAAAAAAAAAAAABAAAE~

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Nov 2021 10:58:15 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1071783566/ 2 KB
1 KB 34ms
18ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1071783566/?random=1637837895660&cv=9&fst=1637837895660&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&auid=1175026193.1637837895&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

c7cbdcbb33ba171d2751700bbfc6cd962e03b772bd3cd3106115ede64345c4db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1218
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
1071783566.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/1071783566/ 0
0 51ms
16ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1071783566.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/1071783566/?random=1637837895660&cv=9&fst=1637837895660&num=1&fmt=3&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&auid=1175026193.1637837895&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108002/ 2 KB
2 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108002/?random=1637837895667&cv=9&fst=1637837895667&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8c0f9fb2d344b392587abf4c133ce72682cd9f1865c712e038ce79f984ff090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1014
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 EWG_SD_Side-NewCosemticsAds_C03-e3d9ab8caeed3d32cb1922431cc0c9904d2c8d7852b2f60cf3b996681d76c9d3.jpg
phorcys-static.ewg.org/skindeep_rails/ 8 KB
8 KB 38ms
37ms Image
image/webp 2606:4700:10::6816:174b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/skindeep_rails/EWG_SD_Side-NewCosemticsAds_C03-e3d9ab8caeed3d32cb1922431cc0c9904d2c8d7852b2f60cf3b996681d76c9d3.jpg
Requested by: Host: phorcys-static.ewg.org
URL: https://phorcys-static.ewg.org/skindeep_rails/application-8e0f5cbc6e6115c089736591dab058d021d1748f3d08efb7dc5b757c8264bf4c.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:174b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9b3016f30c8dd098efc8d3dfa22391d10a3ac909549817d7951cb555aa6f001

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://phorcys-static.ewg.org/skindeep_rails/application-8e0f5cbc6e6115c089736591dab058d021d1748f3d08efb7dc5b757c8264bf4c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
cf-cache-status: HIT
age: 592729
cf-polished: qual=85, origFmt=jpeg, origSize=28542
content-disposition: inline; filename="EWG_SD_Side-NewCosemticsAds_C03-e3d9ab8caeed3d32cb1922431cc0c9904d2c8d7852b2f60cf3b996681d76c9d3.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: QTMWXE0XT1X92XBE
x-amz-id-2: DkXTN0auO3QI2Y/bx2QdaEQCO6sxNjutLJT19CS286JMtljq1MR7uODTNrOdCsUDGUDB5VlDsyc=
accept-ranges: bytes
last-modified: Fri, 25 Oct 2019 20:22:07 GMT
server: cloudflare
etag: "5763379d234cb0baaf9792278acd2fbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31557600
content-length: 7926
cf-ray: 6b3a5c602b6c0625-FRA
expires: Sun, 25 Oct 2020 02:22:06 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1140475255&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&ul=en-us&de=UTF-8&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=232508224.792241750.1637837896.1637837896.1637837896.1&_utmz=232508224.1637837896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1637837895678&_u=aGDCiEABBAAAAG~&jid=&gjid=&cid=792241750.1637837896&tid=UA-28243511-23&_gid=1463659336.1637837896&gtm=2wgba15L2FSL&cd4=1008999&cd2=ngpvan%3A%2F%2Fvan%2FEWG%2FEWG%2F1%2F71381&cd3=4532323&cd5=2019%20-%20%20New%20Skin%20Deep%20HP%20Side%20Bar%20Embed%20PDF%20-%20Sign%20Up&cd6=gMjcaaeQ-0e6o3ILAo_yrw2&z=32331606

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1140475255&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&ul=en-us&de=UTF-8&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SignupForm&ea=Form%20Load&el=Minimal&ev=4&_utma=232508224.792241750.1637837896.1637837896.1637837896.1&_utmz=232508224.1637837896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1637837895683&_u=aGDCiEABBAAAAG~&jid=&gjid=&cid=792241750.1637837896&tid=UA-28243511-23&_gid=1463659336.1637837896&gtm=2wgba15L2FSL&cd4=1008999&cd2=ngpvan%3A%2F%2Fvan%2FEWG%2FEWG%2F1%2F71381&cd3=4532323&cd5=2019%20-%20%20New%20Skin%20Deep%20HP%20Side%20Bar%20Embed%20PDF%20-%20Sign%20Up&cd6=gMjcaaeQ-0e6o3ILAo_yrw2&z=642707674

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1140475255&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&ul=en-us&de=UTF-8&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SignupForm&ea=Form%20Load&el=Minimal&ev=4&_utma=232508224.792241750.1637837896.1637837896.1637837896.1&_utmz=232508224.1637837896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1637837895686&_u=aGDCiEABBAAAAG~&jid=&gjid=&cid=792241750.1637837896&tid=UA-296149-25&_gid=1463659336.1637837896&gtm=2wgba1PPNMZJ&z=1759154427

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1140475255&t=timing&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&ul=en-us&de=UTF-8&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utl=v1&utt=12&_utma=232508224.792241750.1637837896.1637837896.1637837896.1&_utmz=232508224.1637837896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1637837895690&_u=aGDCCEABBAAAAG~&jid=&gjid=&cid=792241750.1637837896&tid=UA-28243511-22&_gid=1463659336.1637837896&gtm=2wgba15L2FSL&z=564084842

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK gMjcaaeQ-0e6o3ILAo_yrw2
actions.everyaction.com/v1/Track/ 0
939 B 412ms
411ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://actions.everyaction.com/v1/Track/gMjcaaeQ-0e6o3ILAo_yrw2?formSessionId=c4e27e32-9b40-44e4-b369-9a1b3cf1298b

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Imperva
Date: Thu, 25 Nov 2021 10:58:16 GMT
X-Frame-Options: SAMEORIGIN
X-Iinfo: 2-43126072-43126122 NNNN CT(95 197 0) RT(1637837895162 373) q(0 0 3 0) r(4 4) U2
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1140475255&t=timing&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&ul=en-us&de=UTF-8&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utl=v1&utt=21&_utma=232508224.792241750.1637837896.1637837896.1637837896.1&_utmz=232508224.1637837896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1637837895717&_u=aGDCCEABBAAAAG~&jid=&gjid=&cid=792241750.1637837896&tid=UA-28243511-22&_gid=1463659336.1637837896&gtm=2wgba15L2FSL&z=1790632481

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1140475255&t=timing&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&ul=en-us&de=UTF-8&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utl=v1&utt=1&_utma=232508224.792241750.1637837896.1637837896.1637837896.1&_utmz=232508224.1637837896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1637837895722&_u=aGDCCEABBAAAAG~&jid=&gjid=&cid=792241750.1637837896&tid=UA-28243511-22&_gid=1463659336.1637837896&gtm=2wgba15L2FSL&z=1715506570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 11:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 17156808.js Show response
bat.bing.com/p/action/ 0
93 B 271ms
271ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/17156808.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Nov 2021 10:58:15 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 212CB8C9AAE8404FB6804BCC0045ECA8 Ref B: FRAEDGE1419 Ref C: 2021-11-25T10:58:15Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17156808&tm=gtm002&Ver=2&mid=dabc0f28-a451-4e28-b34a-43f808209c3d&sid=974158e04dde11eca4586f0b4558bf18&vid=974183c04dde11ec9edf31140afd37b0&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&p=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&r=&lt=671&evt=pageLoad&msclkid=N&sv=1&rn=520443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 10:58:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7043B884DF2E4701842FD25A459FD3DE Ref B: FRAEDGE1419 Ref C: 2021-11-25T10:58:15Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nvtag Show response
profile.ngpvan.com/v2/data/dM_PgdOTcWrjUAE$fDzwBof$/ 2 B
961 B 417ms
403ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/dM_PgdOTcWrjUAE$fDzwBof$/nvtag
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ewg.org/skindeep/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ewg.org
x-iinfo: 0-13889324-13889326 NNNN CT(-1 -1 2) RT(1637837895620 0) q(0 0 3 -1) r(4 4) U5
access-control-allow-credentials: true
content-length: 123
x-cdn: Imperva
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3

200

/
www.google.de/pagead/1p-conversion/1071783566/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071783566/?random=1450458224&cv=9&fst=1637837895660&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/1071783566/?random=1450458224&cv=9&fst=1637837895660&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/1071783566/?random=1450458224&cv=9&fst=1637837895660&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
64 B

45ms
30ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1071783566/?random=1450458224&cv=9&fst=1637837895660&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&auid=1175026193.1637837895&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=R2yfYdv8Kc_Bx_AP5_qKoAc&cid=CAQSKQCNIrLMvavsA3uT_HboFlOkGH9_gONN3QO2PYSfeZlUlylysncm6Utq&eitems=ChAIgIX9jAYQjKiyzIeJt5JBEh0AByrlGRZviMVtX2JavyqdXKymoy9r3bgS6QZDAg&random=4069985766&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 10:58:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Nov 2021 10:58:15 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1071783566/?random=1450458224&cv=9&fst=1637837895660&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&auid=1175026193.1637837895&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=R2yfYdv8Kc_Bx_AP5_qKoAc&cid=CAQSKQCNIrLMvavsA3uT_HboFlOkGH9_gONN3QO2PYSfeZlUlylysncm6Utq&eitems=ChAIgIX9jAYQjKiyzIeJt5JBEh0AByrlGRZviMVtX2JavyqdXKymoy9r3bgS6QZDAg&random=4069985766&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/698108002/ 42 B
548 B 62ms
21ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108002/?random=1637837895667&cv=9&fst=1637834400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&async=1&fmt=3&is_vtc=1&random=1380348394&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 10:58:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/698108002/ 42 B
548 B 41ms
20ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698108002/?random=1637837895667&cv=9&fst=1637834400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&async=1&fmt=3&is_vtc=1&random=1380348394&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 10:58:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 367774270429261 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/367774270429261?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

32a6ce39081ad9817b415e8fa129a5e51b50c93c2cae1d19027fb7bd90f4f86f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88941
x-xss-protection: 0
pragma: public
x-fb-debug: D7CmFTLg/DdsblifGHuI9hRJc6Z98wUoWgpg7CtdGozhppFSaOyZJDaO4J8Xfrn2C1lFwZxx1v97KxAWVmFsGg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 25 Nov 2021 10:58:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 22ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=431673573640385&ev=PageView&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&rl=&if=false&ts=1637837895822&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637837895820.1720873741&it=1637837895645&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 25 Nov 2021 10:58:15 GMT

GET
H2 200 web-widget-framework-54fcf98b94cda999a694.js Show response
static.zdassets.com/web_widget/latest/ Frame AC2B 240 KB
80 KB 26ms
25ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-54fcf98b94cda999a694.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ddae71b0-53e4-4646-9859-d51edea50265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3e0c3df1cd1caa36a34a9889b0a5701edb885034b9fe20757e0f83576dbcfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 647971
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 51R32KG0E4ZKE926
x-amz-id-2: b9yHdwow0FIMl089+4izjQk2xXTP8QUl+a6IT9N38wibfOQR5TESsBR35UIjGQ7Lx7iA7siYfjQ=
last-modified: Wed, 17 Nov 2021 04:39:20 GMT
server: cloudflare
etag: W/"9ab6da814c3791198f47c2df925b428f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7b4XFIAbrrlx9sejt0y8LLcHt%2FqsKTIPULeMcqSaOAMiwBKZVnfZG11W2e6JUgUlbtve7KN7%2F4z0zGAXa53i2POFQ098cd2GPxBq7vZx4mO6I87Zyklqm8cS5TbCVHuJDqsrFhM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 8mwUb3apHP6XuHVEsgdtjBCS2g.F6clO
cf-ray: 6b3a5c60fac8690a-FRA
expires: Thu, 17 Nov 2022 04:39:18 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367774270429261&ev=PageView&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&rl=&if=false&ts=1637837895850&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637837895820.1720873741&it=1637837895645&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 25 Nov 2021 10:58:15 GMT

GET
H2 200 config Show response
ewg.zendesk.com/embeddable/ Frame AC2B 456 B
1 KB 245ms
216ms XHR
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ewg.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-54fcf98b94cda999a694.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b100f63cad2d166efe4e89abe1277243689be58d3d45b99335f0f7abaa3cac17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-74894d8967-lpzvv
access-control-allow-methods: GET
vary: Origin, Accept-Encoding
x-cached: MISS
x-request-id: 6b3a5c618ae47033-IAD
x-runtime: 0.001327
last-modified: Thu, 25 Nov 2021 10:51:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSXB%2B%2FWqH4R3qV4YfLH6jtLeKepvoA%2BYMIKaEl8aK3s1B72zuxhZEoO3SB99DlC5FKtQJeFmW6p72hLdR5%2FhkFJd3VLQjA5NeXkMnHFwzr%2BzemEexCxhJfdKBq6vGJVPOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6b3a5c618ae47033-FRA

GET
H2 200 lightbox_inline.js Show response
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ 2 KB
1 KB 50ms
21ms Script
application/javascript 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox_inline.js?mb=1637837895926
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f793d0ef8e7b2b0a2f5271e63c4be9cfaefcf746af1b849d353bf75e420d20d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: o+td2hMqqGlNUrKlAG8B3A==
age: 93
cf-polished: origSize=2379
x-ms-lease-status: unlocked
last-modified: Mon, 22 Nov 2021 16:04:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 9e8ede6a-301e-0067-05bb-dfab97000000
x-ms-version: 2009-09-19
cf-ray: 6b3a5c61ba966943-FRA
cf-bgj: minify

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ Frame 81ED 326 B
310 B 16ms
16ms Script
application/javascript 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1637837895979&lv=1
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 812936b3d7a3af49e78c1111a45d21379821c27225b8ee5820a83092be94c0f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Nov 2021 10:51:29 GMT
server: cloudflare
age: 406
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6b3a5c61eb076943-FRA
cf-bgj: minify

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ Frame 81ED 948 KB
149 KB 30ms
30ms Script
application/javascript 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637731938997113573
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1637837895979&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160dbc6467e73b264fe00560cc5a5764ae72cd54c894589d33deb1b017ed9e2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 10:58:16 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: StzrgPEcy7uppFhxGRPDHQ==
age: 240584
cf-polished: origSize=1542191
last-modified: Mon, 22 Nov 2021 16:05:00 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 2b3f86a3-801e-003a-80bb-df5b93000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6b3a5c620b4f6943-FRA
expires: Fri, 25 Nov 2022 10:58:16 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 16ms
16ms Stylesheet
text/css 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637731938997113573
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637731938997113573
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 10:58:16 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 240580
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 169dcf7c-901e-0007-7ebb-dfeeb5000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6b3a5c628c866943-FRA
expires: Fri, 25 Nov 2022 10:58:16 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/42018/www.ewg.org/jsonp/ 454 B
738 B 577ms
127ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42018/www.ewg.org/jsonp/z?cb=1637837896093&callback=jQuery17106858681495987156_1637837896077&_=1637837896094
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637731938997113573
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7f62e12c918129f61cbf83f74eff6e57e1544b162346be3853b943859f0a3251

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 10:58:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
260 B 15ms
15ms Image
image/gif 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1637837896084&h=www.ewg.org&e=p&u=42018
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Nov 2021 10:58:16 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1499869
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: af63abe9-a01e-0081-2a45-a8f796000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b3a5c629cb06943-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 web-widget-67799-2adf134350609e966f7b.js Show response
static.zdassets.com/web_widget/latest/ Frame AC2B 354 KB
109 KB 26ms
26ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-67799-2adf134350609e966f7b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-54fcf98b94cda999a694.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dd23b2673ae42ed5b5ba1bbad427b0588a65075f75e31852560867fba322fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 7MMSS4TV3AXFW46F
x-amz-id-2: KyzOjte0DA8gQic+0hvXjNpUCwYR1200vIG/TsN/e2lNeF3F9hQEIu5g1NILSV62OOI+geVIeX4=
last-modified: Mon, 15 Nov 2021 06:33:55 GMT
server: cloudflare
etag: W/"6bf4b1745ee2e4dbb9bfafb394d0d563"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38wrKeb%2F%2F1dzjXqeguyoTj%2Fhz2ASq3a6ok1bTvyaGYJCpKJlTtjzXk%2Ba3yrVyoCeFjYxxW6oB3OAAJd82u19RmMCC00JgCB90HQ0bNN9WbviH5ZowmriHyMIqh%2FuaP5BA3%2Fbnxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: yVlUGSIWc8ZcDh3TZsHOx69P6xVarFTc
cf-ray: 6b3a5c62eff9690a-FRA
expires: Tue, 15 Nov 2022 06:33:54 GMT

GET
H2 200 web-widget-30479-86fc8c4050324462398a.js Show response
static.zdassets.com/web_widget/latest/ Frame AC2B 85 KB
23 KB 31ms
31ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-30479-86fc8c4050324462398a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-54fcf98b94cda999a694.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0dc631929b37c52e5c8c6756aec7e13ba291b28ef8673fede20ba821c4b4b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 823285
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 7MMPMVZWAXW3VFWZ
x-amz-id-2: R6IzhfyzFm+MCkaTu+vYvTViqiM1Y6ngzYNPInn8sbDZbEa8WCtQqR8inkF3B4Q7aEy61Ra64Ls=
last-modified: Mon, 15 Nov 2021 06:33:55 GMT
server: cloudflare
etag: W/"5f57433092f84eafe5fad167b6fe11de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyMXnvRj6QcJKAnv2vuEGMPET3IZotEmjbjUkuLznY7MvdTUc2L1X1wUcVOn9uLg9xs0d8Okl94hE%2B%2BG3FuZkgU3YO40qgs%2B%2Fh9aBwtGeTA9huHW8dUoR%2FKXUT5UzgA96DR%2BiNE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 7_4378C6vSN9usRNFWJIUzkiaphTq2lP
cf-ray: 6b3a5c62effd690a-FRA
expires: Tue, 15 Nov 2022 06:33:54 GMT

GET
H2 200 web_widget-b209f17f34d9e75cd881.js Show response
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame AC2B 462 KB
102 KB 23ms
23ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-b209f17f34d9e75cd881.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-54fcf98b94cda999a694.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8db01f3983f59335439f0d1880946e8ce5a9e792859c5f2d2f56f6b32755de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 528
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: BW6MHJE6V34901N8
x-amz-id-2: Gx2hQ8maUoZn+MRprU4TwjjgfFrRHxDql/hG36s6/sbW+GJvoEXIOukpn4ShZU4VzBMFXwq6mcA=
last-modified: Wed, 17 Nov 2021 04:36:02 GMT
server: cloudflare
etag: W/"c3d44f52a42fa69feaeec5d21b5344d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrRQu8O3vvKGdlvIxRzag6CW3gaXC7CA1A0mA%2FBlKO0PFEgg0b34bx6AF1a6%2BKkjRjRu8xQG3pCfhB2Alz3pbXOBEbKT%2FL%2BoPK6qW5PPa5e2zTyA4B%2BvJkuOcegW6pboOXGyrGM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: QXWLEYcuaTp.hGS1iR1hvONscz95K9mW
cf-ray: 6b3a5c62e800690a-FRA
expires: Thu, 17 Nov 2022 04:36:01 GMT

GET
H2 200 embeddable_blip Show response
ewg.zendesk.com/ Frame AC2B 0
364 B 117ms
117ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ewg.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTYuMC40NjY0LjQ1IFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiJmMTk5ZjE0ZWNjYzdjN2QzNzhlODBhYmZjMDQ0OThjZiIsInN1aWQiOiJkMjhjNGRiMjg3ZDJmZWI3MTQ0MjYyZDMyZGUzOTc5MSIsInZlcnNpb24iOiI3MDcyNGE4IiwidGltZXN0YW1wIjoiMjAyMS0xMS0yNVQxMDo1ODoxNi4yNDVaIiwidXJsIjoiaHR0cHM6Ly93d3cuZXdnLm9yZy9za2luZGVlcC8ifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-54fcf98b94cda999a694.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:16 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 25 Nov 2021 10:58:16 GMT
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mj9alSrtm808wI%2FvvGmrHmiTjof2wot1X5o5FUHBCIRrOQS4xaArIIgzm3fTx%2B9yoYYJH11N%2FWbJA1ggjFtA%2FgVZeABcPLvu0WNU3ygCPYizTCkUy%2BBrdtDGvFuf%2FVLonw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.ewg.org
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b3a5c638fa17033-FRA
vary: Accept-Encoding
content-length: 0
x-request-id: 95364e232773c96152b8a5f52ffc6800

GET
H2 200 embeddable_blip Show response
ewg.zendesk.com/ Frame AC2B 0
282 B 415ms
415ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ewg.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY2hhdCI6eyJ0YWdzIjpbInNraW5kZWVwIl19LCJjb2xvciI6eyJ0aGVtZSI6IiM4ZTU5YTQifSwiY29udGFjdEZvcm0iOnsiYXR0YWNobWVudHMiOmZhbHNlfSwiekluZGV4IjoxMDAwMjAwOX19LCJidWlkIjoiZjE5OWYxNGVjY2M3YzdkMzc4ZTgwYWJmYzA0NDk4Y2YiLCJzdWlkIjoiZDI4YzRkYjI4N2QyZmViNzE0NDI2MmQzMmRlMzk3OTEiLCJ2ZXJzaW9uIjoiNzA3MjRhOCIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMjVUMTA6NTg6MTYuMjU0WiIsInVybCI6Imh0dHBzOi8vd3d3LmV3Zy5vcmcvc2tpbmRlZXAvIn0%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-54fcf98b94cda999a694.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:16 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 25 Nov 2021 10:58:16 GMT
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5zOw9ExMAYwsUI%2Ba0VLubqE4hjt70J5qo4kuxFfwyJLDcJp3bqg5ZeDOwPnTmgc9yu%2BUZRwmU%2FNDi4zBYkjC9eET%2BtMXTteHsrdnGldLmMu0VVjtay0FgTHZ90o99S1bg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.ewg.org
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b3a5c639fbd7033-FRA
vary: Accept-Encoding
content-length: 0
x-request-id: 887377f9ff37bf362065af93d7d28b1e

GET
H2 200 de-de-json-0e7b9ae3b696a34b6d22.js Show response
static.zdassets.com/web_widget/latest/web-widget-locales/classic/ Frame AC2B 28 KB
7 KB 28ms
28ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-locales/classic/de-de-json-0e7b9ae3b696a34b6d22.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-54fcf98b94cda999a694.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718e063364ba1c53900110e423987619a8227e1c877c360913658aa88c451c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1845800
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 3TRDR0P6WNWBEPYH
x-amz-id-2: iJsqr8nQkqn7pABNTa6yutDePeG38EWrGJLwokBJeVpjBfBxnou3D/N6r6F272FCUKbHBRPHBlE=
last-modified: Wed, 03 Nov 2021 23:47:17 GMT
server: cloudflare
etag: W/"8fc7b388e5d1886d801f856533dc1ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuqsZFS3W3H7BWsUu%2FqVQaNDZZFurLVcMoxO%2FVdtZnHpiegHNmmCm3uZOy0dsMJso0HZVSJzBnI4q%2Bo%2F9EpMvQRKtno%2FR1%2BgeCbLd6i3eVdNYziVNaqIKOmRwDRncfBkCpW7S%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 6RmU.xLcJA.EQghxyd1xkwY2BBWkSgbD
cf-ray: 6b3a5c6399a2690a-FRA
expires: Thu, 03 Nov 2022 23:47:15 GMT

GET
H/1.1 204
No Content dM_PgdOTcWrjUAE$fDzwBof$ Show response
secure.everyaction.com/Databag/Profile/ 0
1 KB 432ms
403ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/dM_PgdOTcWrjUAE$fDzwBof$

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Imperva
Date: Thu, 25 Nov 2021 10:58:16 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: https://www.ewg.org
X-Iinfo: 3-66929319-66929324 NNNN CT(96 195 0) RT(1637837896104 10) q(0 0 3 1) r(4 4) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 204 dM_PgdOTcWrjUAE$fDzwBof$ Show response
secure.ngpvan.com/Databag/Profile/ 0
909 B 434ms
407ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/dM_PgdOTcWrjUAE$fDzwBof$

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cdn: Imperva
date: Thu, 25 Nov 2021 10:58:16 GMT
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://www.ewg.org
x-iinfo: 3-66929322-66929323 NNNN CT(97 197 0) RT(1637837896113 0) q(0 0 3 1) r(4 4) U11
access-control-expose-headers: Request-Context
cache-control: private
access-control-allow-credentials: true
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 embeddable_blip Show response
ewg.zendesk.com/ Frame AC2B 0
281 B 124ms
124ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ewg.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly93d3cuZXdnLm9yZy9za2luZGVlcC8iLCJ0aW1lIjo3MCwibG9hZFRpbWUiOjMyLjgwMDAwMTE0NDQwOTE4LCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiRVdHIFNraW4gRGVlcMKuIENvc21ldGljcyBEYXRhYmFzZSIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MS4wLCBtaW5pbXVtLXNjYWxlPTEuMCwgbWF4aW11bS1zY2FsZT0xLjAsIHVzZXItc2NhbGFibGU9bm8iLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6ImYxOTlmMTRlY2NjN2M3ZDM3OGU4MGFiZmMwNDQ5OGNmIiwic3VpZCI6ImQyOGM0ZGIyODdkMmZlYjcxNDQyNjJkMzJkZTM5NzkxIiwidmVyc2lvbiI6IjcwNzI0YTgiLCJ0aW1lc3RhbXAiOiIyMDIxLTExLTI1VDEwOjU4OjE2LjMxNVoiLCJ1cmwiOiJodHRwczovL3d3dy5ld2cub3JnL3NraW5kZWVwLyJ9

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-54fcf98b94cda999a694.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:16 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 25 Nov 2021 10:58:16 GMT
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ib3nOiZttTluyj3qHTUtjiKVvYYSfnKGqcLC5ve%2B0aFAfQXTFve2TV7Mu1AOz68eznT9KtBXC8HVQSHcrH4ZCnuiBQwKsdEmD2e%2Fu4if%2FrLdrCbQ1oRS5ViTlDSm%2B832qg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.ewg.org
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b3a5c63f8b77033-FRA
vary: Accept-Encoding
content-length: 0
x-request-id: 719464a7e77de711f18600f3e4dd639b

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=431673573640385&ev=Microdata&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&rl=&if=false&ts=1637837896336&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database%22%2C%22meta%3Adescription%22%3A%22EWG%E2%80%99s%20Skin%20Deep%C2%AE%20database%20gives%20you%20practical%20solutions%20to%20protect%20yourself%20and%20your%20family%20from%20everyday%20exposures%20to%20chemicals%20in%20personal%20care%20products.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22EWG%22%2C%22og%3Atitle%22%3A%22EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database%22%2C%22og%3Adescription%22%3A%22EWG%E2%80%99s%20Skin%20Deep%C2%AE%20database%20gives%20you%20practical%20solutions%20to%20protect%20yourself%20and%20your%20family%20from%20everyday%20exposures%20to%20chemicals%20in%20personal%20care%20products.%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fwww.ewg.org%2Fskindeep%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.ewg.org%2Fskindeep%2Fimg%2FEWG_Social_Share_NewSkinDeep_C01.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637837895820.1720873741&it=1637837895645&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 25 Nov 2021 10:58:16 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367774270429261&ev=Microdata&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&rl=&if=false&ts=1637837896351&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database%22%2C%22meta%3Adescription%22%3A%22EWG%E2%80%99s%20Skin%20Deep%C2%AE%20database%20gives%20you%20practical%20solutions%20to%20protect%20yourself%20and%20your%20family%20from%20everyday%20exposures%20to%20chemicals%20in%20personal%20care%20products.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22EWG%22%2C%22og%3Atitle%22%3A%22EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database%22%2C%22og%3Adescription%22%3A%22EWG%E2%80%99s%20Skin%20Deep%C2%AE%20database%20gives%20you%20practical%20solutions%20to%20protect%20yourself%20and%20your%20family%20from%20everyday%20exposures%20to%20chemicals%20in%20personal%20care%20products.%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fwww.ewg.org%2Fskindeep%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.ewg.org%2Fskindeep%2Fimg%2FEWG_Social_Share_NewSkinDeep_C01.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637837895820.1720873741&it=1637837895645&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 25 Nov 2021 10:58:16 GMT

GET
H2 200 DoubleEmbed Show response
jsapi.lightboxcdn.com/custom8dfehgj6mpfz5h2/v1/customer/ 112 B
249 B 346ms
337ms Script
application/javascript 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsapi.lightboxcdn.com/custom8dfehgj6mpfz5h2/v1/customer/DoubleEmbed?uid=42018&platform=d&format=jsonp&dom=www.ewg.org&href=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&top=&dev=Desktop&ip=136.243.198.81&cb=1637837896686&callback=jQuery17106858681495987156_1637837896078&_=1637837896686
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637731938997113573
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 41967cc90837facee62ba2d113a56c4b86a5e5058de7d969758a21b7a60dc8f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Nov 2021 10:58:17 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=30
cf-ray: 6b3a5c665e156943-FRA
expires: Thu, 25 Nov 2021 10:58:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ewg.org/	1970-01-19 22:57:19	Name: __cf_bm Value: Th3AUFfoLIowgvHnuvrXhjtwBtdbGtxQ0KdspbmdfYU-1637837895-0-AYoMU08QkRjm540WKnfuyE8FhsZIY6qKd+N8O74p00x00x0iZz4oO+2KwtXYcE1Hk7ZXp0yk3FQn2v64OmU/wysF06sP5Mftptp1wlj71zL5dSyGBfsRsqqeCUZOZ3FCQg==
.ewg.org/	1970-01-20 01:06:53	Name: _gcl_au Value: 1.1.1175026193.1637837895
.bing.com/	1970-01-20 08:18:53	Name: MUID Value: 05682173693169412BB13189685A6882
www.ewg.org/	1970-01-20 08:26:05	Name: __atuvc Value: 1%7C47
www.ewg.org/	1970-01-19 22:57:19	Name: __atuvs Value: 619f6c478bc692f3000
.actions.everyaction.com/	1970-01-19 22:57:21	Name: x-ms-routing-name Value: self
.actions.everyaction.com/	1970-01-19 22:57:21	Name: TiPMix Value: 90.7207925295088
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_823975 Value: /mx2a+/TJxEhoN8WhUzDSQAAAAA47GMJtR6rpOLLA1BeWTMt
.ewg.org/	1970-01-20 16:28:29	Name: _ga Value: GA1.2.792241750.1637837896
.ewg.org/	1970-01-19 22:58:44	Name: _gid Value: GA1.2.1463659336.1637837896
.ewg.org/	1970-01-19 22:57:17	Name: _dc_gtm_UA-296149-25 Value: 1
.ewg.org/	1970-01-19 22:57:17	Name: _gat_UA-28243511-22 Value: 1
.ewg.org/	1970-01-19 22:57:17	Name: _dc_gtm_UA-28243511-23 Value: 1
.ewg.org/	1970-01-20 16:28:29	Name: __utma Value: 232508224.792241750.1637837896.1637837896.1637837896.1
.ewg.org/	1969-12-31 23:59:59	Name: __utmc Value: 232508224
.ewg.org/	1970-01-20 03:20:05	Name: __utmz Value: 232508224.1637837896.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.ewg.org/	1970-01-19 22:57:18	Name: __utmt Value: 1
.ewg.org/	1970-01-19 22:57:18	Name: __utmt_rollup Value: 1
.ewg.org/	1970-01-19 22:57:19	Name: __utmb Value: 232508224.2.10.1637837896
.profile.ngpvan.com/	1970-01-19 22:57:21	Name: TiPMix Value: 86.7835120236424
.profile.ngpvan.com/	1970-01-19 22:57:21	Name: x-ms-routing-name Value: self
profile.ngpvan.com/	1970-01-23 14:36:10	Name: ngpvanuser Value: dM_PgdOTcWrjUAE%24fDzwBof%24
.ewg.org/	1970-01-19 22:58:44	Name: _uetsid Value: 974158e04dde11eca4586f0b4558bf18
.ewg.org/	1970-01-20 08:18:53	Name: _uetvid Value: 974183c04dde11ec9edf31140afd37b0
.addthis.com/	1970-01-20 08:26:05	Name: uvc Value: 1%7C47
.ewg.org/	1970-01-20 01:06:53	Name: _fbp Value: fb.1.1637837895820.1720873741
.addthis.com/	1970-01-20 08:26:05	Name: loc Value: MDAwMDBFVURFSEUyMzAxMTg4MzAwMzAwMDBDSA==
.doubleclick.net/	1970-01-20 08:18:53	Name: IDE Value: AHWqTUmUjeVMfjPq02dPJ-2sEFNz_lufoLuR-eeq9teJkyoQd98GhCb50Q2TVARx
.secure.everyaction.com/	1970-01-19 22:57:21	Name: TiPMix Value: 29.1150423368043
.secure.everyaction.com/	1970-01-19 22:57:21	Name: x-ms-routing-name Value: self
.everyaction.com/	1970-01-23 14:36:10	Name: ProfileDatabagId Value: dM_PgdOTcWrjUAE$fDzwBof$
.secure.ngpvan.com/	1970-01-19 22:57:21	Name: TiPMix Value: 12.1222745217952
.secure.ngpvan.com/	1970-01-19 22:57:21	Name: x-ms-routing-name Value: self
.ngpvan.com/	1970-01-23 14:36:10	Name: ProfileDatabagId Value: dM_PgdOTcWrjUAE$fDzwBof$

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 22) Message: Unrecognized feature: 'conversion-measurement'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1071783566.privacysandbox.googleadservices.com
actions.everyaction.com
bat.bing.com
connect.facebook.net
cosmeticsdatabase.com
d1aqhv4sn5kxtx.cloudfront.net
d3rse9xjbp8270.cloudfront.net
ekr.zdassets.com
ewg.zendesk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js2.verygoodvault.com
jsapi.lightboxcdn.com
lightboxapi.azurewebsites.net
m.addthis.com
phorcys-static.ewg.org
profile.ngpvan.com
s7.addthis.com
secure.everyaction.com
secure.ngpvan.com
static.cloudflareinsights.com
static.ewg.org
static.zdassets.com
stats.g.doubleclick.net
v1.addthisedge.com
www.ewg.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.lightboxcdn.com
z.moatads.com
s7.addthis.com
104.16.51.111
104.18.72.113
104.75.88.126
142.250.185.66
143.204.101.152
172.217.16.130
2.18.235.40
20.40.202.0
2600:9000:2156:6600:14:79be:a380:93a1
2600:9000:2156:800:12:303c:8700:21
2606:4700:10::6816:174b
2606:4700::6810:50a5
2606:4700::6810:5f41
2620:1ec:c11::200
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:829::2003
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.33.152.147
45.60.33.183
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
069bc33438b91d0069d9b0eeaea165c081bd2d3f2314fb1366786add13b4504b
0b2edf205504b3d3526228e755a6e6d8ded4d8f08b8356d60ecbe9c5d58d986c
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0be0a73502696f9582887c3269b2d6adb4a1fe505189b2f00a720ccd78a4c1db
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0d6a593ed349f8afe1533a957cc9d82cd7453bee687835b2700a606711de306c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160dbc6467e73b264fe00560cc5a5764ae72cd54c894589d33deb1b017ed9e2b
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799
1905d26a35fbd5d1cc0e4099c3cc78191b783da1b65e1fde5bd387f238b4ce94
19e009118ac3179c7cd9f83a2b1c9623f4eea2ccf8dfd3105c6c3fb615ac072c
1a46db86d408da6ade237e945d2a6e0f635d1d18622fd04d9228a9ab2049c90a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
2eb969816b021169af5e58f6e90175ea3619d63c707d92afd22ddc16d15527cc
32a6ce39081ad9817b415e8fa129a5e51b50c93c2cae1d19027fb7bd90f4f86f
39a6a9acc6dccd9eab9812530e650335de2830b5ffc760f7ae96f1016da8580d
3a423e5bcbb48385ea314973ba5784c19caf680f2c339cfc3b93ea698b4128ac
41967cc90837facee62ba2d113a56c4b86a5e5058de7d969758a21b7a60dc8f1
4200e26c2ff2fc480078c8952ca44d0d2dcd2dec4d4902330a938518b4febefb
44030b1c37925f65f6bb14441f5d6959623f5e1322aa5030b83d420d492d8162
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
455c34b8cc706de7bca628c9ec199c132fe0639e72fcc3bdf65d102bc0262420
46954197136ba6c46bc950e1bdc5f339be1718a510cb5b9508cb3a965d2a5d4f
49a020f82b17a6a6542563ac67191ea3a75defc3d45336309b0d2c20b885a372
4bb7b510fdc83ec64e533c3840348193fda7e2ea08c205b27b46bbfe8092bdbb
5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6
5dd23b2673ae42ed5b5ba1bbad427b0588a65075f75e31852560867fba322fbd
5f793d0ef8e7b2b0a2f5271e63c4be9cfaefcf746af1b849d353bf75e420d20d
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dd7605b43e128f4a23bd876295fdd57b739a73453dd9e87c07189283a470dfe
718e063364ba1c53900110e423987619a8227e1c877c360913658aa88c451c4d
79e59f1ee98e5b26faef53643753293a6faf3c12b5529d43f0d45f9d0025e788
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c64c5e393304161a61095476132739dcd9543504f5c57767fc325ff10eb3f06
7f62e12c918129f61cbf83f74eff6e57e1544b162346be3853b943859f0a3251
812936b3d7a3af49e78c1111a45d21379821c27225b8ee5820a83092be94c0f4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
91885bbd6130590bdf6d2d9df816bc6d034d1e4c593e3e5aba96fe44c261dc97
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b
933bb4527575f8840282dd8f20e7f8d4eaa2ef1bc682ac9dd79d96cd81537ff9
93e57b35638c58f456274e849ab3cd78c8d767d008c5292cfbe104195e490f95
9469eff73ae5811f36972e1bebd2c124ceb5789751dc82d116309b51745edd40
967d1593d85f590d30ae1d96e2555fe0abe98a6088ac82f34b6f4bd9fc0507b1
9caaa568a5b47fc914aa25d45b9a88d39ff8275806154ce34db7d57b7ab4dd6c
a0d66d060c0cfe08754ff524315a23eac7d6a67847886f795d666677dabaf473
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a64e2327313e6ebd5bbacf97644219f49cdeeb357b2340f9a9c9337c682e211a
a9863eca6e490b3ede1c4bdf8e9fc216ed15b2a23e925af704a50bcf7f300bc7
a9b3016f30c8dd098efc8d3dfa22391d10a3ac909549817d7951cb555aa6f001
ab7d6a00ed144388c18ab2aa2af38b75498734abf2ac3e407dba3c01c5f0510c
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b0dc631929b37c52e5c8c6756aec7e13ba291b28ef8673fede20ba821c4b4b18
b100f63cad2d166efe4e89abe1277243689be58d3d45b99335f0f7abaa3cac17
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b38527e810dde501e66666fde1aded193fd7fb44f52918a10150dcf1165296f8
b8c0f9fb2d344b392587abf4c133ce72682cd9f1865c712e038ce79f984ff090
bc4752775f5c65a15c50f2d30a96ac825fbd720f238c19c794339cf512bc035d
bdafc3c34e2a25a4d2a978594c660949dfc6d0e7833b3750b4427d1f72ba101f
be6a8fc5a5a8cc74872a3feae2101beb1059c24d3d79374ebfba31c5bed97084
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c7cbdcbb33ba171d2751700bbfc6cd962e03b772bd3cd3106115ede64345c4db
c8db01f3983f59335439f0d1880946e8ce5a9e792859c5f2d2f56f6b32755de7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce0e516fe9a9b0bd7734e7e9de25e52b635e2c4440bc8c0072c7ab821c0149a5
d014917a20fa24c355d8ae7bf0d77f7bd92961ee103b38f059afee144f21ddea
d2deb90c9096c22fbd6c2ca65f597aec5bd0ad4c15d6265d129c1a93018aa879
d72099aff5844bb616127eeb41b61b28c273122cb4cb5a45cb59325d4ad97cfc
d7482894ecd8e63a41f552adbed383435bbd3c98afed18b426200ce53333e557
da3e0c3df1cd1caa36a34a9889b0a5701edb885034b9fe20757e0f83576dbcfd
dc01c64a3730a7d5c7edc33769a6dbeac72629a16fb24a90b69db2a5a7e31677
dc0af7c7484b805bdd8d1f28e8a9d423ee920bf490114129c0c755af290b932f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12733a6c38b7b68342353522af5c0fcbbf9bb9a28f39ed203513bd7876f6d55
f57e7be36045409ccad0d3d5eece561c50f5aa9d257c207894322e31d68de8fa
f61e85ce22003fd361d3c76000e409300261da8072380da0eb300ff0ba278676
f72117e611b8f7e7a3aac02f8735a20b3f5dd8710d01c034c1289edb82ca0251
f8aeac4e914652a3bd33be1ad8f09682ac64ea3a18b3338c52d7e354f43a3c6e
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

www.ewg.org Open in urlscan Pro 2606:4700:10::6816:174b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

123 Requests

98 %HTTPS

62 %IPv6

25 Domains

35 Subdomains

26 IPs

4 Countries

2761 kBTransfer

7938 kBSize

34 Cookies

11 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ewg.org Open in urlscan Pro
2606:4700:10::6816:174b Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

98 %
HTTPS

62 %
IPv6

25
Domains

35
Subdomains

26
IPs

4
Countries

2761 kB
Transfer

7938 kB
Size

34
Cookies

123 HTTP transactions
1 data transactions