urlscan.io logo urlscan.io
SecurityTrails logo

act.ewg.org Open in urlscan Pro
45.60.33.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.everyaction.com/k/9694469/96229021/-735725687?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9FV0cvRVdHLzEvNzEzO...
Effective URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6...
Submission: On September 08 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 6 countries across 22 domains to perform 76 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is act.ewg.org.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on October 5th 2018. Valid for: 2 years.
This is the only time act.ewg.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 45.60.33.183 19551 (INCAPSULA)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
5 52.239.157.138 8075 (MICROSOFT...)
5 2600:9000:205... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
2 172.217.22.2 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 216.58.210.2 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 152.199.19.160 15133 (EDGECAST)
6 2a03:2880:f02... 32934 (FACEBOOK)
2 2606:2800:234... 15133 (EDGECAST)
2 40.114.13.25 8075 (MICROSOFT...)
1 147.75.204.150 54825 (PACKET)
2 143.204.208.10 16509 (AMAZON-02)
1 143.204.214.52 16509 (AMAZON-02)
1 147.75.204.174 54825 (PACKET)
1 147.75.32.75 54825 (PACKET)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 51.140.6.23 8075 (MICROSOFT...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.99.128.52 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
76 25
12    45.60.33.183 (United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)
click.everyaction.com
act.ewg.org
advocator.ngpvan.com
fastaction.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    2606:4700:20::6819:7824 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
c.shpg.org
5    52.239.157.138 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
nvlupin.blob.core.windows.net
5    2600:9000:2057:800:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d3rse9xjbp8270.cloudfront.net
3    2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
17    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    172.217.22.2 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net
googleads.g.doubleclick.net
1    2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
az416426.vo.msecnd.net
6    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
platform.twitter.com
2    40.114.13.25 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
profile.ngpvan.com
1    147.75.204.150 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-8
static.hotjar.com
2    143.204.208.10 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-10.fra53.r.cloudfront.net
d1aqhv4sn5kxtx.cloudfront.net
1    143.204.214.52 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-52.fra53.r.cloudfront.net
js.verygoodvault.com
1    147.75.204.174 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-2
script.hotjar.com
1    147.75.32.75 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-9
vars.hotjar.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
dc.services.visualstudio.com
6    2606:4700::6810:4fa5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.lightboxcdn.com
1    23.99.128.52 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: waws-prod-dm1-001.cloudapp.net
lightboxapi1.azurewebsites.net
1    2606:4700::6810:51a5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
api1.lightboxcdn.com
Domain Requested by
17 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
act.ewg.org
7 act.ewg.org act.ewg.org
6 www.lightboxcdn.com act.ewg.org
www.lightboxcdn.com
5 connect.facebook.net act.ewg.org
connect.facebook.net
5 d3rse9xjbp8270.cloudfront.net act.ewg.org
d3rse9xjbp8270.cloudfront.net
www.google-analytics.com
5 nvlupin.blob.core.windows.net act.ewg.org
3 www.googletagmanager.com act.ewg.org
d3rse9xjbp8270.cloudfront.net
2 www.facebook.com act.ewg.org
2 d1aqhv4sn5kxtx.cloudfront.net www.googletagmanager.com
2 profile.ngpvan.com d3rse9xjbp8270.cloudfront.net
az416426.vo.msecnd.net
2 platform.twitter.com act.ewg.org
platform.twitter.com
2 stats.g.doubleclick.net act.ewg.org
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
1 api1.lightboxcdn.com az416426.vo.msecnd.net
1 lightboxapi1.azurewebsites.net www.lightboxcdn.com
1 secure.ngpvan.com az416426.vo.msecnd.net
1 secure.everyaction.com az416426.vo.msecnd.net
1 fastaction.ngpvan.com d3rse9xjbp8270.cloudfront.net
1 dc.services.visualstudio.com az416426.vo.msecnd.net
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 advocator.ngpvan.com az416426.vo.msecnd.net
1 js.verygoodvault.com d3rse9xjbp8270.cloudfront.net
1 static.hotjar.com act.ewg.org
1 staticxx.facebook.com connect.facebook.net
1 az416426.vo.msecnd.net act.ewg.org
1 www.google.de act.ewg.org
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 c.shpg.org act.ewg.org
1 ajax.googleapis.com act.ewg.org
1 click.everyaction.com 1 redirects
76 32

This site contains links to these domains. Also see Links.

Domain
fastaction.ngpvan.com
www.ewg.org
Subject Issuer Validity Valid
act.ewg.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-05 -
2020-10-04		 2 years crt.sh
*.googleapis.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
ssl376474.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-05-13 -
2019-11-19		 6 months crt.sh
*.blob.core.windows.net
Microsoft IT TLS CA 5		 2019-05-22 -
2021-05-22		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-08-24 -
2019-10-19		 2 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2018-11-19 -
2019-11-27		 a year crt.sh
*.ngpvan.com
RapidSSL RSA CA 2018		 2018-02-08 -
2021-02-07		 3 years crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2019-08-07 -
2019-11-05		 3 months crt.sh
*.verygoodvault.com
Amazon		 2019-05-15 -
2020-06-15		 a year crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2019-08-07 -
2019-11-05		 3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2019-08-07 -
2019-11-05		 3 months crt.sh
dc.services.visualstudio.com
Microsoft IT TLS CA 5		 2019-08-30 -
2021-08-30		 2 years crt.sh
ssl516460.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-24 -
2020-03-01		 6 months crt.sh
*.everyaction.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-19 -
2021-02-18		 2 years crt.sh
*.azurewebsites.net
DigiCert SHA2 Secure Server CA		 2019-07-22 -
2021-07-22		 2 years crt.sh

This page contains 6 frames:

Primary Page: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Frame ID: 970D0ABFF29A0E139A50C87FEBAB6370
Requests: 72 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: CD0DFCB5C779F99AF41FB0339E3C429E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.097c1f5038f9e8a0d62a39a892838d66.html?origin=https%3A%2F%2Fact.ewg.org
Frame ID: 0AC4F8479520194F9715CE5CCA1CB1FB
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 317DE40F22BDF4B251DB387093376AE3
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1567957625526&lv=1
Frame ID: E7C19AD1FA0F9EB403003DDE97F6CEB1
Requests: 2 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/lclst/a3241e66-5c6a-4d48-8161-225ef2c02084/ls.html?purl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&vid=a3241e66-5c6a-4d48-8161-225ef2c02084&se=0&prev=0&cb=637032124261961970
Frame ID: A06CB06506919B8B0B002C86500E1FE0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.everyaction.com/k/9694469/96229021/-735725687?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhb... HTTP 302
    https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /lightbox.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

76
Requests

100 %
HTTPS

50 %
IPv6

22
Domains

32
Subdomains

25
IPs

6
Countries

1809 kB
Transfer

5343 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.everyaction.com/k/9694469/96229021/-735725687?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9FV0cvRVdHLzEvNzEzODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiMzBlOTU1M2UtYTZkMC1lOTExLWJjZDAtMjgxODc4NGQ0MzQ5IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJZSUpEQFBBTUYuT1JHIg0KfQ%3D%3D&hmac=Z7I8ArPfPKflQEVgQE1dZyy0mHNuuq9jLdbGRf4oVMk=&emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2F2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2BbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2FDXguWh%2Bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp HTTP 302
    https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071783566/?random=420479830&cv=9&fst=*&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&ig=1&frm=0&url=https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&tiba=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=eCJ1XabaDMWHrAToy4KwAQ&sscte=1&crd=&gtd=&eitems=ChEI8M3S6wUQ9pCmqKm9n9jCARIdAOkaQ-w0UdbajXIlJUvPt76zjPiOf9wnvqna30M HTTP 302
  • https://www.google.com/pagead/1p-conversion/1071783566/?random=420479830&cv=9&fst=*&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&ig=1&frm=0&url=https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&tiba=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=eCJ1XabaDMWHrAToy4KwAQ&eitems=ChEI8M3S6wUQ9pCmqKm9n9jCARIdAOkaQ-xsH3Qu4EGlp1yfy5lyuTiQn7U5P8YWXV4&random=4213056575&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/1071783566/?random=420479830&cv=9&fst=*&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&ig=1&frm=0&url=https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&tiba=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=eCJ1XabaDMWHrAToy4KwAQ&eitems=ChEI8M3S6wUQ9pCmqKm9n9jCARIdAOkaQ-xsH3Qu4EGlp1yfy5lyuTiQn7U5P8YWXV4&random=4213056575&resp=GooglemKTybQhCsO&ipr=y

76 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set ntMTOZN5ZEiIPcMt1ojN6Q2
act.ewg.org/onlineactions/
Redirect Chain
  • https://click.everyaction.com/k/9694469/96229021/-735725687?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9FV0cvRVdHLzEvNzEzODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiMzBlOTU1M2UtYTZkMC1lOTExLWJj...
  • https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoi...
10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
aa040a993aacc3f8f644760817819c9f7eb58208002200753188c2569448683e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
act.ewg.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
TiPMix=90.1894426858935; path=/; HttpOnly; Domain=act.ewg.org visid_incap_1852917=aaefmZWqQ1+P0ibtacf7g3YidV0AAAAAQUIPAAAAAAA+JPcRhY2XZ88MayQO925g; expires=Mon, 07 Sep 2020 08:42:07 GMT; path=/; Domain=.ewg.org nlbi_1852917=YpaXM9Hr5xBvn5p2AbumDAAAAADK1nvv2foPWOGuWWoiHYwa; path=/; Domain=.ewg.org incap_ses_770_1852917=U9dUFG4ZsCqvjL0q0pevCncidV0AAAAAYzyT0sLZJjjq5WNZAz/0Uw==; path=/; Domain=.ewg.org
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers
Request-Context
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date
Sun, 08 Sep 2019 15:47:02 GMT
X-Iinfo
0-18525741-18525750 NNNN CT(90 180 0) RT(1567957622884 22) q(0 0 2 1) r(4 4) U12
X-CDN
Incapsula
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache
Pragma
no-cache
Expires
-1
Location
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers
Request-Context
X-Powered-By
ASP.NET
Date
Sun, 08 Sep 2019 15:47:02 GMT
Content-Length
0
Set-Cookie
visid_incap_1392949=6nvA94PsQdKEVAbVaJdpWnYidV0AAAAAQUIPAAAAAADHCAPf9h0Bec9QQll1bXJM; expires=Mon, 07 Sep 2020 08:42:06 GMT; path=/; Domain=.everyaction.com nlbi_1392949=D0OFQ/fdSlddldCQuiPdvwAAAABOGrK4uSC+Rw3EVVHOF/IK; path=/; Domain=.everyaction.com incap_ses_770_1392949=kqDjTkKMeDlZjL0q0pevCnYidV0AAAAAH9UWy9IWz3LXl4L7dihDDg==; path=/; Domain=.everyaction.com
X-Iinfo
13-127802655-127802663 NNNN CT(0 0 0) RT(1567957622654 18) q(0 0 0 -1) r(1 1) U11
X-CDN
Incapsula
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 27 Aug 2019 16:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1032816
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
30399
x-xss-protection
0
last-modified
Thu, 25 Jan 2018 15:33:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Aug 2020 16:53:27 GMT
sp.js
c.shpg.org/278/ 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.shpg.org/278/sp.js
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7824 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad64e9f436f476fb988197ae48418be1fd5e29d33239ea3d8ed8a21f8f67d81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
51320f0bab70cba8-VIE
date
Sun, 08 Sep 2019 15:47:04 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
public, max-age=1800
content-encoding
br
expires
Sun, 08 Sep 2019 16:17:04 GMT
ga.js
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ 		45 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ga.js
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 08 Sep 2019 15:47:03 GMT
Last-Modified
Mon, 05 Aug 2019 21:46:13 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D719EE5622AE57
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
fad21ad4-601e-0123-7e5c-663866000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
46274
jquery.mailcheck.min.js
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/jquery.mailcheck.min.js
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b3b360dc7d412894d4772b986c10a6cfdf06ad89a522135fadf757aa7434ed02

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 08 Sep 2019 15:47:03 GMT
Last-Modified
Mon, 05 Aug 2019 21:46:36 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D719EE63CA579A
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
c1eb6935-f01e-00a1-4b5c-66df63000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
2041
script-error
act.ewg.org/js/ 		228 B
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://act.ewg.org/js/script-error?v=GeYv9wZQnND5uIxL5ZRwfSHLeWRBgivVndhzehZsiRA1
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 15:47:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jul 2019 15:18:08 GMT
X-CDN
Incapsula
Content-Type
text/javascript; charset=utf-8
X-Iinfo
0-18525741-0 0CNN RT(1567957622884 438) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=28078265, public
Content-Length
163
Expires
Wed, 29 Jul 2020 15:18:08 GMT
EWG_Logo_green.png
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/EWG_Logo_green.png
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
85112008f74106bf7dc8348c58a5585b6349daa95b0508f818c9482623389958

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 08 Sep 2019 15:47:03 GMT
Last-Modified
Thu, 21 Mar 2019 13:17:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D6ADFF984217C0
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
7542aa54-001e-00b4-105c-661dfa000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
125671
email-checker-embed.js
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/email-checker-embed.js
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
09c09240791dd7620b5353be9461a38903e62d4f3a9c877480eb286f312ac87b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 08 Sep 2019 15:47:03 GMT
Last-Modified
Wed, 07 Aug 2019 21:09:04 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D71B7B7A97FEB6
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
3fa7ff41-301e-00b7-775c-661efd000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
1172
at.js
d3rse9xjbp8270.cloudfront.net/ 		878 KB
252 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f34b8767a40c9c087c13b6b2b3747a1b45d6d25fafe93e8364fe68fa4d58a77

Request headers

Sec-Fetch-Mode
cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Origin
https://act.ewg.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 15:07:21 GMT
content-encoding
gzip
age
2382
x-cache
Hit from cloudfront
status
200
content-length
257648
access-control-allow-origin
*
last-modified
Thu, 29 Aug 2019 13:40:38 GMT
server
AmazonS3
etag
"c5f6c1f71af1bb9654474a0be4b140bb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
CnHqUpzY-LXob4eRqSwd_giid_m6acr973c1G1E6OmjUk-sGmndWGw==
base-js.gif
act.ewg.org/Content/images/ 		35 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.ewg.org/Content/images/base-js.gif
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 15:47:03 GMT
Last-Modified
Wed, 04 Sep 2019 23:29:34 GMT
X-CDN
Incapsula
Etag
"03e59b7863d51:0"
Content-Type
image/gif
X-Iinfo
0-18525741-0 0CNN RT(1567957622884 1035) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=9529, public
Content-Length
35
Expires
Sun, 08 Sep 2019 18:25:52 GMT
gtm.js
www.googletagmanager.com/ 		102 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65acd4faaf7dc993945851860260e5807faf7f555ba9ea0f9feaa62c5163aaae
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 15:47:04 GMT
content-encoding
br
last-modified
Sun, 08 Sep 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
30206
x-xss-protection
0
expires
Sun, 08 Sep 2019 15:47:04 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3811
date
Sun, 08 Sep 2019 14:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Sun, 08 Sep 2019 16:43:33 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.2 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
8c88d6a0ae774f43c52a16b37d0134231b235ddf98ce9eb7f28c587c31b59d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 15:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
9186
x-xss-protection
0
server
cafe
etag
1827501119694548318
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 08 Sep 2019 15:47:04 GMT
js
www.google-analytics.com/gtm/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PMD7D89&t=gtm2&cid=949777343.1567957624
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d81cd6b6b332f9c04694c999bb3cb49a555b6a5cc6b809e13a6f578d72d86e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 15:47:04 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
25421
x-xss-protection
0
expires
Sun, 08 Sep 2019 15:47:04 GMT
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=945359623&t=pageview&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&ul=en-us&de=UTF-8&dt=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEADQ~&jid=1534932948&gjid=447522547&cid=949777343.1567957624&tid=UA-296149-25&_gid=51968724.1567957624&gtm=2wg8l2PPNMZJ&cg2=onlineactions&cg3=act.ewg.org&z=1850247404
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 00:26:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1524028
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-296149-25&cid=949777343.1567957624&jid=1534932948&gjid=447522547&_gid=51968724.1567957624&_u=YGBAgEADQ~&z=553868225
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 08 Sep 2019 15:47:04 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/1071783566/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1071783566/?random=1567957624150&cv=9&fst=1567957624150&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&tiba=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.2 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
e00bd8bb05098b488d5e5191c17d9e710d45da7b4425656d3aaefdf40485f07f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Sep 2019 15:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
1399
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/1071783566/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071783566/?random=420479830&cv=9&fst=*&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
  • https://www.google.com/pagead/1p-conversion/1071783566/?random=420479830&cv=9&fst=*&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd...
  • https://www.google.de/pagead/1p-conversion/1071783566/?random=420479830&cv=9&fst=*&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=...
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1071783566/?random=420479830&cv=9&fst=*&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&ig=1&frm=0&url=https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&tiba=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=eCJ1XabaDMWHrAToy4KwAQ&eitems=ChEI8M3S6wUQ9pCmqKm9n9jCARIdAOkaQ-xsH3Qu4EGlp1yfy5lyuTiQn7U5P8YWXV4&random=4213056575&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Sep 2019 15:47:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Sep 2019 15:47:04 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1071783566/?random=420479830&cv=9&fst=*&num=1&value=0&label=Pg0mCKq7vZYBEI69iP8D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&ig=1&frm=0&url=https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&tiba=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=eCJ1XabaDMWHrAToy4KwAQ&eitems=ChEI8M3S6wUQ9pCmqKm9n9jCARIdAOkaQ-xsH3Qu4EGlp1yfy5lyuTiQn7U5P8YWXV4&random=4213056575&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		95 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Sep 2019 15:47:04 GMT
content-encoding
gzip
content-md5
7JhCKwvLjoUoS5N/nN9LRA==
x-cache
HIT
status
200
content-length
21636
x-ms-lease-status
unlocked
last-modified
Tue, 11 Jun 2019 21:34:18 GMT
server
ECAcc (frc/8FA5)
etag
0x8D6EEB48F61B4AC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9853965d-801e-0007-132f-661261000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, immutable
x-ms-version
2009-09-19
gtm.js
www.googletagmanager.com/ 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM473M
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
100f3b6608c2d06b44006e5bf6624c7e274a7a4fa2f9ceba1640a14409e8fa52
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 15:47:04 GMT
content-encoding
br
last-modified
Sun, 08 Sep 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
23307
x-xss-protection
0
expires
Sun, 08 Sep 2019 15:47:04 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
46779e3cad2b91e0d18dacc02663720d2ad84c9546508c7df89dc89f706dac79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
bdPwyYLlX50KPlOn5jbKnw==
status
200
content-length
1781
etag
"32675995b55236c459f4a4e816bf8619"
x-fb-debug
RD1jsNH60pItB7BIFaKk6zDfUsj3dm9YdhNNhS7MeAg0FMxeap9gNetTBthJ76sel9j3a3X5yYxmnj9oHxDaTA==
x-fb-trip-id
2000377899
x-fb-content-md5
f1c63df0027837ff56476b2c7332b832
x-frame-options
DENY
date
Sun, 08 Sep 2019 15:47:04 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 08 Sep 2019 15:51:07 GMT
widgets.js
platform.twitter.com/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4197) /
Resource Hash
f1106d00331995db22eee14181b1510b7ec3b7e780e0e4fa6827c66aaa2a99b4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 15:47:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Sep 2019 20:15:11 GMT
Server
ECS (fcn/4197)
Etag
"c94e1412de2586837b1f5f0a672cec7e+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28055
jewels-background-4-1900px.jpg
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ 		325 KB
326 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/jewels-background-4-1900px.jpg
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
205338343ea6e51032370ab86baf04c802386f1bf17ad01bd7796bd985a51c9c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 08 Sep 2019 15:47:04 GMT
Last-Modified
Wed, 04 Sep 2019 19:43:52 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D7317036DF755C
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
7542abc1-001e-00b4-525c-661dfa000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
333024
sdk.js
connect.facebook.net/en_US/ 		200 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ec713778405e7b9695787df1b87d7c81&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
ccd053017fdae8464083266bb6715aa4a011743f2e8729a23c7216a641a71b43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Origin
https://act.ewg.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
VS1uGtt0kmSjndg5IKEYqg==
status
200
content-length
60758
etag
"76391fdb548f426f9c32db11a2121151"
x-fb-debug
Dwgcz+6bA0y20Yq9gyqCLvi0/kJZBsLlbSOiRfVPjmj7I2efgWa2JMFr13p6xCZtwv7oTPipIfEmleZtq3fxRg==
x-fb-trip-id
420120009
x-fb-content-md5
95a226be48eca50fad70bf761beb4c79
x-frame-options
DENY
date
Sun, 08 Sep 2019 15:47:04 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Mon, 07 Sep 2020 15:06:20 GMT
with-js.gif
act.ewg.org/Content/images/ 		35 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.ewg.org/Content/images/with-js.gif
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 15:47:04 GMT
Last-Modified
Wed, 04 Sep 2019 23:29:34 GMT
X-CDN
Incapsula
Etag
"03e59b7863d51:0"
Content-Type
image/gif
X-Iinfo
0-18525741-0 0CNN RT(1567957622884 1860) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=9529, public
Content-Length
35
Expires
Sun, 08 Sep 2019 18:25:53 GMT
_Incapsula_Resource
act.ewg.org/ 		108 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.ewg.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=393359598
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
59b12bb82f6bce4a51799b0729477cd791a337a89d9bd1d297d5325ca01915f9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache
Content-Length
15742
Content-Type
application/javascript
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 15:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
877
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
1296
x-xss-protection
0
expires
Sun, 08 Sep 2019 16:32:27 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame CD0D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=ec713778405e7b9695787df1b87d7c81&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 05 Sep 2020 20:39:59 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
FVsw7NGU/I9sJfXJaucIyqoxy8nTEkNq3WhGZULQwrNA0W5x8d1fTP80YpoWJ+C8qxlbSDgF1w8VKOO176HUXw==
content-length
11727
x-fb-trip-id
2000377899
date
Sun, 08 Sep 2019 15:47:04 GMT
widget_iframe.097c1f5038f9e8a0d62a39a892838d66.html
platform.twitter.com/widgets/ Frame 0AC4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.097c1f5038f9e8a0d62a39a892838d66.html?origin=https%3A%2F%2Fact.ewg.org
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40D9) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 08 Sep 2019 15:47:04 GMT
Etag
"7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified
Thu, 05 Sep 2019 20:14:23 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40D9)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5816
identity
profile.ngpvan.com/ 		72 B
849 B 		Script
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
3b28a3112a58e0fbe982ba98e98ef9eddd734aea7c4ec88e3b00427a9fcff96d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 15:47:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-Powered-By
Express, ASP.NET
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Content-Type
text/javascript; charset=utf-8
Content-Length
192
ETag
W/"48-1ib6djeWrHakZrHocFCOvfaf/CQ"
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag
gtm.js
www.googletagmanager.com/ 		69 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d43836181816cab0a1fe6306719242a3d48862030061c029073ce7c81882f0c3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 15:47:04 GMT
content-encoding
br
last-modified
Sun, 08 Sep 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
22806
x-xss-protection
0
expires
Sun, 08 Sep 2019 15:47:04 GMT
at.min.css
d3rse9xjbp8270.cloudfront.net/ 		107 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
586da77625222bd42cdc5ca526d8c0a4b6d013d3a6326501943c1a90a9137ae1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 14:45:50 GMT
content-encoding
gzip
age
3674
x-cache
Hit from cloudfront
status
200
content-length
20017
access-control-allow-origin
*
last-modified
Wed, 14 Aug 2019 21:59:14 GMT
server
AmazonS3
etag
"228c5107593e487f44e83e1411cf8924"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
XOolDwnG_hkDS4yQVTXsN_pqKXeEhcP24kyZu3G5LiRS5EWInGWbhA==
extra.min.css
d3rse9xjbp8270.cloudfront.net/ 		93 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63e779ec6d8aa4176b3ffcf1720c8bebe8dfc29c6b8da77dcb04d512faea8bdb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 14:45:51 GMT
content-encoding
gzip
age
3674
x-cache
Hit from cloudfront
status
200
content-length
20056
access-control-allow-origin
*
last-modified
Wed, 14 Aug 2019 21:59:14 GMT
server
AmazonS3
etag
"597b273ae79c234a7387d38e67548441"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
XcBGq7FNo_-pN3P6Qyl4PyC3hQsjqbpGOF54Z3yOENS2B6Vc8xx7DQ==
hotjar-1161534.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1161534.js?sv=6
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.204.150 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-8
Software
openresty /
Resource Hash
e6c748051af1fdbb5dc0387216bda0c18ad35c116f6245dbc4ff3119bf734087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 15:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
section-io-tag
hotjar
age
66
status
200
section-io-cache
Hit
vary
Accept-Encoding
content-length
1956
server
openresty
cache-control
max-age=60
x-frame-options
SAMEORIGIN
etag
W/929dc362cf6bab89c79b5e961a21d300
access-control-max-age
600
section-io-origin-status
304
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.124
section-io-id
82f32c40e9e1e9622ce008b4a9560dc6
accept-ranges
bytes
content-type
application/javascript
at.js
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		878 KB
252 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.10 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-10.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bee921717eaa88a5a96691b994da8dc6ee3354e71dc89a2ef618c2814ae1c3dc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 13:50:45 GMT
Content-Encoding
gzip
Age
6980
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
257653
Access-Control-Allow-Origin
*
Last-Modified
Thu, 29 Aug 2019 13:40:38 GMT
Server
AmazonS3
ETag
"4d9fecd51c31556cad435ccf4c9adba4"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Via
1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
Cache-Control
max-age=900, s-maxage=86400, public
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
lDuoSofXO2ZKNvh0SPQ23Rtl5RYuc05WGz24JWzn-8VuLtUJM1r8Vg==
fbevents.js
connect.facebook.net/en_US/ 		121 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
qIyTw2+CS9/xnZPIByM1iLGilz0zvemxdbR0Aq/sCTy3dLg0VsIGNifOYDi2Bi0KnNcINs1F6cwk6B3CKQ33Gg==
x-fb-trip-id
2000377899
x-frame-options
DENY
date
Sun, 08 Sep 2019 15:47:04 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
AC2nt8erbFu3svSWxmyTZr1b.js
js.verygoodvault.com/vgs-collect/1/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.52 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-52.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ea98199c0cd8511cfe5a02bb293b6731b48cc67f16bc7787b89cab39a7666de

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
KvRBiipx0NNHnOKXXWeP73zNbFpe2Gie
Content-Encoding
gzip
Last-Modified
Tue, 03 Sep 2019 14:06:43 GMT
Server
AmazonS3
Age
42
Date
Sun, 08 Sep 2019 15:46:24 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
eCkwHjdTLq-WPX2nCzsXHbWSlo9dWm-K5G0OGdHTSZPtZP1DkJM2nA==
ngpForm
advocator.ngpvan.com/https%3a%2f%2fact.ewg.org%2fv1%2fForms%2fntMTOZN5ZEiIPcMt1ojN6Q2/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://advocator.ngpvan.com/https%3a%2f%2fact.ewg.org%2fv1%2fForms%2fntMTOZN5ZEiIPcMt1ojN6Q2/ngpForm
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Cowboy / Express
Resource Hash
d9f31b61d16b7ec21217bcd0a44b504187d0e293b2e692c23e8a30532a20903e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Sun, 08 Sep 2019 15:47:05 GMT
Via
1.1 vegur
Server
Cowboy
X-Powered-By
Express
Etag
W/"1ec5-sybqCTOXsdH0k+BdIVQv9+q7xIM"
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://act.ewg.org
X-Iinfo
4-62212966-62212969 NNNN CT(85 205 0) RT(1567957624886 18) q(0 0 2 0) r(5 5) U4
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Encoding
gzip
Transfer-Encoding
chunked
X-CDN
Incapsula
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=945359623&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&ul=en-us&de=UTF-8&dt=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%20Tracking&ea=0%25&el=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&_u=aGDACEALR~&jid=83366518&gjid=583222397&cid=949777343.1567957624&tid=UA-296149-25&_gid=51968724.1567957624&_r=1&gtm=2wg8l2PPNMZJ&z=694064432
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Sep 2019 15:47:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
_Incapsula_Resource
act.ewg.org/ 		1 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.ewg.org/_Incapsula_Resource?SWKMTFSR=1&e=0.7729573890501567
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Length
1
Content-Type
text/plain
431673573640385
connect.facebook.net/signals/config/ 		308 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/431673573640385?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
222ccd47edcba35fa954ad1ce6e7a9d58b3c80de3636153cdd2969207c47ad65
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79815
x-xss-protection
0
pragma
public
x-fb-debug
9kK9fTFyu6SkVHTEjWspL4//RO60AOMWmWfEL6PW6nwcOpxHH2LrjL+bLgBqJqO3fo0YRlEP7GyT4cQomr8kDA==
x-fb-trip-id
2000377899
x-frame-options
DENY
date
Sun, 08 Sep 2019 15:47:05 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
sweetspot.js
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/sweetspot.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.10 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-10.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 04 Jun 2019 01:11:14 GMT
Via
1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
Age
27660
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8149
Last-Modified
Wed, 01 Mar 2017 15:31:32 GMT
Server
AmazonS3
ETag
"37a7034ed35eb1d861eba8fca5dbdea6"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900, s-maxage=86400, public
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
lwcdLK0MyASTeCrtMY_YjuFSWuEh52Om2f0K_j_UMat8O2Z7lTmMTQ==
modules.4d71caa5b820d76ee739.js
script.hotjar.com/ 		426 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.4d71caa5b820d76ee739.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1161534.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.204.174 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-2
Software
/
Resource Hash
38896119b5b0007bd7b5066e7c4825ed18a0a741890546619445250cdf4efadc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 15:47:05 GMT
content-encoding
br
last-modified
Thu, 05 Sep 2019 12:36:45 GMT
status
200
etag
"2b450139f51541542dec21ed468002e5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.063
section-io-origin-status
200
accept-ranges
bytes
section-io-id
b409efd7a568982e2fc308afedd882b6
content-length
72902
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 317D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1161534.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.75 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-9
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=

Response headers

status
200
date
Sun, 08 Sep 2019 15:47:05 GMT
content-type
text/html
content-length
787
cache-control
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Aug 2019 14:18:56 GMT
etag
"5ee1a7ca3792b75767626ba3f51572aa"
section-io-origin-status
200
section-io-origin-time-seconds
0.057
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
c6391c7c7ea88d4cf73a9ec1efd53aab
inferredEvents.js
connect.facebook.net/signals/plugins/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10218
x-xss-protection
0
pragma
public
x-fb-debug
kPh1ro6dQ1l8gliyhM7aoVbsPRwSKXTA/FoTgHBisi2nXAwSET+RVGbcXfAfjIXx8y9FQVpC2vJLTQNrBn7Gzg==
x-fb-trip-id
2000377899
x-frame-options
DENY
date
Sun, 08 Sep 2019 15:47:05 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=431673573640385&ev=PageView&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&rl=&if=false&ts=1567957625154&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1567957625152.682850981&it=1567957625058&coo=false&rqm=GET
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 15:47:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Sun, 08 Sep 2019 15:47:05 GMT
nvtag
profile.ngpvan.com/v2/data/sLJwZK2mGwT9FrnHFx7TyK06/ 		2 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/v2/data/sLJwZK2mGwT9FrnHFx7TyK06/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Sun, 08 Sep 2019 15:47:05 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
Express, ASP.NET
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Origin,Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://act.ewg.org
Access-Control-Allow-Credentials
true
Content-Length
123
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag
track
dc.services.visualstudio.com/v2/ 		96 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
411122d14adc4bc002b891888c499170fed6159ad31ebf2474abc79fe71aadb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
7AB8FB94-5583-4313-8868-890316A6CFA7
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Access-Control-Max-Age
3600
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Date
Sun, 08 Sep 2019 15:47:05 GMT
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
96
lightbox_inline.js
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox_inline.js?mb=1567957625463
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f793d0ef8e7b2b0a2f5271e63c4be9cfaefcf746af1b849d353bf75e420d20d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Sep 2019 15:47:05 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
o+td2hMqqGlNUrKlAG8B3A==
age
32
cf-polished
origSize=2379
status
200
x-ms-lease-status
unlocked
last-modified
Wed, 04 Sep 2019 16:47:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
abb09b3a-d01e-0006-6942-63a2b9000000
x-ms-version
2009-09-19
cf-ray
51320f176f1d59ee-VIE
cf-bgj
minify
lightbox.js
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ Frame E7C1 		326 B
279 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1567957625526&lv=1
Requested by
Host: act.ewg.org
URL: https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b73d62248328166d022859de067672f393b6497b2153b433c717e14672d49226

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 15:47:05 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
341268
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cf-ray
51320f179f3059ee-VIE
user.js
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ Frame E7C1 		785 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637032124268809345
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1567957625526&lv=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de71efa1fccf1dbffe5c4298e290fac612ee54a4d539294d1ddbe0b1175e2a27

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Sep 2019 15:47:05 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
6ua5oxzj/VEETUu1IOn/UA==
age
341267
cf-polished
origSize=1256067
status
200
last-modified
Wed, 04 Sep 2019 16:47:06 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
2ab99e47-701e-00cc-6442-633174000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
51320f17cf4f59ee-VIE
expires
Mon, 07 Sep 2020 15:47:05 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3812
date
Sun, 08 Sep 2019 14:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Sun, 08 Sep 2019 16:43:33 GMT
identity
fastaction.ngpvan.com/api/v1/ 		186 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1567957625577=
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Cowboy / Express
Resource Hash
be06a01a728cd32b2d9ff91b4313b37389f116238c6ff25366115f0b813b269c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-CDN
Incapsula
X-Powered-By
Express
Transfer-Encoding
chunked
P3p
CP="NOI ADM DEV COM NAV OUR STP"
X-Iinfo
11-48078061-48078066 NNNN CT(87 193 0) RT(1567957625465 30) q(0 0 3 1) r(4 4) U4
Date
Sun, 08 Sep 2019 15:47:05 GMT
Connection
keep-alive
Content-Encoding
gzip
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction
Server
Cowboy
Etag
W/"ba-446164849"
Vary
X-HTTP-Method-Override, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/fonts/ 		94 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3rse9xjbp8270.cloudfront.net/fonts/glyphicons-regular.woff2
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Sec-Fetch-Mode
cors
Referer
https://d3rse9xjbp8270.cloudfront.net/at.min.css
Origin
https://act.ewg.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 07 Sep 2019 16:23:01 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
age
84244
x-cache
Hit from cloudfront
status
200
content-length
96388
last-modified
Tue, 06 Aug 2019 22:40:56 GMT
server
AmazonS3
etag
"aca35251952e72d9e32d41217f0f97ab"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-id
VqkVrGXO1saNu10LN7rB8NT-1uZaBzTXKLI9hrLVYySXG0oX3kBVJg==
truncated
/ 		784 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
fast-action.png
d3rse9xjbp8270.cloudfront.net/images/ 		1019 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rse9xjbp8270.cloudfront.net/images/fast-action.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://d3rse9xjbp8270.cloudfront.net/at.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 01 Sep 2019 09:44:04 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
age
626582
x-cache
Hit from cloudfront
status
200
content-length
1019
last-modified
Tue, 06 Aug 2019 22:41:02 GMT
server
AmazonS3
etag
"fe324c0498d28e434d58e6d547ba19a1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
_tVdu3fUFOZ08EDGlvkBTcTD1O-T-31kPerCBEvggAaCeKp7zlXFlw==
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=945359623&t=timing&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&ul=en-us&de=UTF-8&dt=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Downloading&utl=Forms&utt=577&_u=aGDACEALR~&jid=647142127&gjid=1265669398&cid=949777343.1567957624&tid=UA-28243511-22&_gid=51968724.1567957624&_r=1&gtm=2wg8l25L2FSL&z=662755927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Sep 2019 15:47:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=945359623&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&ul=en-us&de=UTF-8&dt=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=AdvocacyForm&ea=Form%20Load&el=Minimal&ev=9&_u=aGDACEALR~&jid=350499314&gjid=1391685914&cid=949777343.1567957624&tid=UA-28243511-24&_gid=51968724.1567957624&_r=1&gtm=2wg8l25L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FEWG%2FEWG%2F1%2F71381&cd3=4507037%2C4507088&cd4=201909%20-%20California%20CA%20SB%20647%20Lead%20in%20Jewelry&cd5=ntMTOZN5ZEiIPcMt1ojN6Q2&z=509023099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Sep 2019 15:47:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=945359623&t=pageview&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&ul=en-us&de=UTF-8&dt=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAiEALR~&jid=963142399&gjid=886773950&cid=949777343.1567957624&tid=UA-28243511-24&_gid=51968724.1567957624&gtm=2wg8l25L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FEWG%2FEWG%2F1%2F71381&cd3=4507037%2C4507088&cd4=201909%20-%20California%20CA%20SB%20647%20Lead%20in%20Jewelry&cd5=ntMTOZN5ZEiIPcMt1ojN6Q2&z=960794582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 00:26:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1524029
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-28243511-24&cid=949777343.1567957624&jid=963142399&gjid=886773950&_gid=51968724.1567957624&_u=aGDAiEALR~&z=450512175
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 08 Sep 2019 15:47:05 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=945359623&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&ul=en-us&de=UTF-8&dt=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=AdvocacyForm&ea=Form%20Load&el=Minimal&ev=9&_u=aGDACEALR~&jid=&gjid=&cid=949777343.1567957624&tid=UA-296149-25&_gid=51968724.1567957624&gtm=2wg8l2PPNMZJ&z=442586462
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 00:26:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1524029
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=945359623&t=timing&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&ul=en-us&de=UTF-8&dt=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Processing&utl=Forms&utt=36&_u=aGDACEALR~&jid=&gjid=&cid=949777343.1567957624&tid=UA-28243511-22&_gid=51968724.1567957624&gtm=2wg8l25L2FSL&z=1295509261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 00:26:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1524029
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ntMTOZN5ZEiIPcMt1ojN6Q2
act.ewg.org/v1/Track/ 		0
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.ewg.org/v1/Track/ntMTOZN5ZEiIPcMt1ojN6Q2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Date
Sun, 08 Sep 2019 15:47:05 GMT
X-Frame-Options
SAMEORIGIN
X-Iinfo
0-18525741-18525750 SNNN RT(1567957622884 2641) q(0 0 0 -1) r(1 1) U2
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
-1
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=945359623&t=timing&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&ul=en-us&de=UTF-8&dt=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Render&utl=Forms&utt=22&_u=aGDACEALR~&jid=&gjid=&cid=949777343.1567957624&tid=UA-28243511-22&_gid=51968724.1567957624&gtm=2wg8l25L2FSL&z=21770744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 00:26:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1524029
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=945359623&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&ul=en-us&de=UTF-8&dt=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=AdvocacyForm&ea=Form%20Fill&el=FastAction&ev=1&_u=aGDACEALR~&jid=&gjid=&cid=949777343.1567957624&tid=UA-296149-25&_gid=51968724.1567957624&gtm=2wg8l2PPNMZJ&z=707518558
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 00:26:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1524029
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=945359623&t=timing&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&ul=en-us&de=UTF-8&dt=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Fill&utl=Forms&utt=7&_u=aGDACEALR~&jid=&gjid=&cid=949777343.1567957624&tid=UA-28243511-22&_gid=51968724.1567957624&gtm=2wg8l25L2FSL&z=1649848426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 00:26:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1524029
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=945359623&t=timing&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&ul=en-us&de=UTF-8&dt=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Form&utl=Forms&utt=670&_u=aGDACEALR~&jid=&gjid=&cid=949777343.1567957624&tid=UA-28243511-22&_gid=51968724.1567957624&gtm=2wg8l25L2FSL&z=655257430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 00:26:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1524029
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=945359623&t=timing&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&ul=en-us&de=UTF-8&dt=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Total&utt=709&_u=aGDACEALR~&jid=&gjid=&cid=949777343.1567957624&tid=UA-28243511-22&_gid=51968724.1567957624&gtm=2wg8l25L2FSL&z=21708065
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 00:26:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1524029
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=431673573640385&ev=Microdata&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&rl=&if=false&ts=1567957625680&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!%22%2C%22og%3Adescription%22%3A%22Stand%20up%20for%20children%E2%80%99s%20health%20and%20urge%20your%20state%20assembly%20member%20to%20vote%20yes%20on%20SB%20647!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fnvlupin.blob.core.windows.net%2Fimages%2Fvan%2FEWG%2FEWG%2F1%2F71381%2Fimages%2Fjewels-background-1900px.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1567957625152.682850981&it=1567957625058&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 15:47:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Sun, 08 Sep 2019 15:47:05 GMT
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637032124261961970
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637032124268809345
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Sep 2019 15:47:05 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
337693
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
status
200
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
fb8edc5c-501e-013a-7c4a-635037000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
51320f18cfeb59ee-VIE
expires
Mon, 07 Sep 2020 15:47:05 GMT
ls.html
www.lightboxcdn.com/lclst/a3241e66-5c6a-4d48-8161-225ef2c02084/ Frame A06C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/lclst/a3241e66-5c6a-4d48-8161-225ef2c02084/ls.html?purl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&vid=a3241e66-5c6a-4d48-8161-225ef2c02084&se=0&prev=0&cb=637032124261961970
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637032124268809345
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www.lightboxcdn.com
:scheme
https
:path
/lclst/a3241e66-5c6a-4d48-8161-225ef2c02084/ls.html?purl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&vid=a3241e66-5c6a-4d48-8161-225ef2c02084&se=0&prev=0&cb=637032124261961970
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
accept-encoding
gzip, deflate, br
cookie
__cfduid=dda716d11ef6b7ed8723e005f928ab3ff1567957625
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=

Response headers

status
200
date
Sun, 08 Sep 2019 15:47:06 GMT
content-type
text/html
content-md5
xa1/rdPe0J6SwxlD7atkzw==
last-modified
Wed, 04 Sep 2019 20:07:08 GMT
x-ms-request-id
59f41c7e-d01e-0085-675c-660214000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
cf-cache-status
MISS
expires
Mon, 07 Sep 2020 15:47:06 GMT
cache-control
public, max-age=31536000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
51320f18cff459ee-VIE
content-encoding
br
t.gif
www.lightboxcdn.com/z9g/ 		35 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lightboxcdn.com/z9g/t.gif?c=1567957625716&h=act.ewg.org&e=p&u=42018
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Sep 2019 15:47:05 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
204352
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Tue, 26 Feb 2019 00:59:40 GMT
status
200
content-length
35
x-ms-lease-status
unlocked
last-modified
Tue, 26 Feb 2019 01:15:02 GMT
server
cloudflare
etag
0x8D69B87D5A1B25F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
48b7eafb-401e-010c-457d-f6fd65000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
51320f18cff059ee-VIE
cf-bgj
imgq:85
sLJwZK2mGwT9FrnHFx7TyK06
secure.everyaction.com/Databag/Profile/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/Databag/Profile/sLJwZK2mGwT9FrnHFx7TyK06
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Date
Sun, 08 Sep 2019 15:47:05 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
https://act.ewg.org
X-Iinfo
11-48078102-48078110 NNNN CT(0 0 0) RT(1567957625693 13) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
sLJwZK2mGwT9FrnHFx7TyK06
secure.ngpvan.com/Databag/Profile/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/Databag/Profile/sLJwZK2mGwT9FrnHFx7TyK06
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Date
Sun, 08 Sep 2019 15:47:05 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
https://act.ewg.org
X-Iinfo
13-127803277-127803278 NNNN CT(0 0 0) RT(1567957625693 14) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=945359623&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fonlineactions%2FntMTOZN5ZEiIPcMt1ojN6Q2%3Femci%3D0a226147-50cf-e911-bcd0-281878391efb%26emdi%3D30e9553e-a6d0-e911-bcd0-2818784d4349%26ceid%3D1497666%26contactdata%3Ds6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%252f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%252bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%252fDXguWh%252bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC%26sourceid%3D1017618%26amp%3D&ul=en-us&de=UTF-8&dt=Get%20Toxic%20Heavy%20Metals%20Out%20of%20Our%20Jewelry!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=AdvocacyForm&ea=Form%20Fill&el=FastAction&ev=1&_u=aGDACEALR~&jid=&gjid=&cid=949777343.1567957624&tid=UA-296149-25&_gid=51968724.1567957624&gtm=2wg8l2PPNMZJ&z=21433107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 00:26:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1524029
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
z
lightboxapi1.azurewebsites.net/z9l/42018/act.ewg.org/jsonp/ 		218 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lightboxapi1.azurewebsites.net/z9l/42018/act.ewg.org/jsonp/z?cb=1567957626536&callback=jQuery17107163395610863006_1567957625710&_=1567957626537
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637032124268809345
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.99.128.52 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
waws-prod-dm1-001.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
54d4b8a866acc1a3a604f33d242d08895e7be0ac22006e5b7671ce858dbcdc91

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 15:47:06 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Length
297
Vary
Accept-Encoding
Content-Type
application/javascript
z.gif
api1.lightboxcdn.com/z9u/LIewXglgNlCGD0BWAdABgAQApiwMYQDsAXEAZwAsBudASWIFMp0dd0B5AZXQA10BGVAH0-AFkGIAlOgCCAB1lR6AdXoAjANIQiSAMwB2ZDoBsWdQAkAKsAAyAGnRQIAa3roA4vVxOQUgMLkAJxAAW3p4PRE0Qz0AJgBOZD4jOPQO... 		183 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api1.lightboxcdn.com/z9u/LIewXglgNlCGD0BWAdABgAQApiwMYQDsAXEAZwAsBudASWIFMp0dd0B5AZXQA10BGVAH0-AFkGIAlOgCCAB1lR6AdXoAjANIQiSAMwB2ZDoBsWdQAkAKsAAyAGnRQIAa3roA4vVxOQUgMLkAJxAAW3p4PRE0Qz0AJgBOZD4jOPQOWAAzWACIXQNjIA__XZX/z.gif
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dd787044f07fb551657e198707ea27bfddcf6cf53bd6e8bf5efd6322a5273cba

Request headers

Accept
*/*
Referer
https://act.ewg.org/onlineactions/ntMTOZN5ZEiIPcMt1ojN6Q2?emci=0a226147-50cf-e911-bcd0-281878391efb&emdi=30e9553e-a6d0-e911-bcd0-2818784d4349&ceid=1497666&contactdata=s6efWzPYc7XxODjVHanSqT1xlICCoiA73jnfFPdZhcj%2f2cjmzs4nQAsovpxDCBz6UXFV6NjF6SbSS%2bbCR4z9LUTAxOldbcDMRa51tpkbGHYvvCjCIw%2fDXguWh%2bg943BAqrLMjmzVrad2DJoFMP0kwjQ1uUKtsPU0UcIFqC5M8sfWu57QvyOAeTgHi8nZtwJC&sourceid=1017618&amp=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 08 Sep 2019 15:47:06 GMT
content-encoding
br
cf-cache-status
HIT
age
48498
x-powered-by
ASP.NET
status
200
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
cf-ray
51320f1e1cc1cbb0-VIE
expires
Mon, 09 Sep 2019 15:47:06 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| google_optimize string| $p_url string| $p_cached_url number| $p_org_id boolean| $p_session_only boolean| $p_supports_do_not_track number| $p_fb_app_id string| $p_fb_app_domain object| $p_source_param function| get_link_param function| strTrim object| SharePop object| _gat object| _gaq object| Kicksend object| appInsights function| handleScriptLoadError function| fbAsyncInit object| twttr object| $email object| $hint object| FB function| _ object| CSSModal object| intlTelInputGlobals function| intlTelInput object| Braintree object| nvtag object| request object| preset_pages function| __extends object| Microsoft object| AI object| __twttrll object| __twttr object| Backbone function| _jqjsp object| atLayer function| hj object| _hjSettings function| fbq function| _fbq object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType object| __core-js_shared__ object| VgForm object| SecureForm object| VGSCollect object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| transactionFilter function| oldPush boolean| sweetSpotEnabled object| nvtag_callbacks function| lightboxjs function| lightboxlib object| formview object| DIGIOH_API object| LIGHTBOX_API undefined| jQuery17107163395610863006_1567957625710 object| jQuery17107163395610863006

14 Cookies

Domain/Path Name / Value
.facebook.com/ Name: fr
Value: 0bODqAbRt3OQTreAy..BddSJ5...1.0.BddSJ5.
.ewg.org/ Name: _hjid
Value: d89e9f75-0850-401e-9ee1-d6fee5498141
.ewg.org/ Name: _fbp
Value: fb.1.1567957625152.682850981
act.ewg.org/ Name: ai_session
Value: nB5k|1567957624928.72|1567957624928.72
act.ewg.org/ Name: ai_user
Value: rpaP0|2019-09-08T15:47:04.926Z
.ewg.org/ Name: _dc_gtm_UA-296149-25
Value: 1
.ewg.org/ Name: visid_incap_1852917
Value: aaefmZWqQ1+P0ibtacf7g3YidV0AAAAAQUIPAAAAAAA+JPcRhY2XZ88MayQO925g
.ewg.org/ Name: _ga
Value: GA1.2.949777343.1567957624
.ewg.org/ Name: _gat_UA-296149-25
Value: 1
.act.ewg.org/ Name: TiPMix
Value: 90.1894426858935
.ewg.org/ Name: _gcl_au
Value: 1.1.387622570.1567957624
.ewg.org/ Name: incap_ses_770_1852917
Value: U9dUFG4ZsCqvjL0q0pevCncidV0AAAAAYzyT0sLZJjjq5WNZAz/0Uw==
.ewg.org/ Name: nlbi_1852917
Value: YpaXM9Hr5xBvn5p2AbumDAAAAADK1nvv2foPWOGuWWoiHYwa
.ewg.org/ Name: _gid
Value: GA1.2.51968724.1567957624

7 Console Messages

Source Level URL
Text
console-api warning URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js(Line 1)
Message:
AI: CannotSerializeObjectNonSerializable message:"Attempting to serialize an object which does not implement ISerializable" props:"{name:baseData}"
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Downloading (Forms): 576.157958984375ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Processing (Forms): 35.647705078125ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Render (Forms): 22.47265625ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Fill (Forms): 6.556884765625ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Form (Forms): 669.5009765625ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Total: 708.87109375ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.ewg.org
advocator.ngpvan.com
ajax.googleapis.com
api1.lightboxcdn.com
az416426.vo.msecnd.net
c.shpg.org
click.everyaction.com
connect.facebook.net
d1aqhv4sn5kxtx.cloudfront.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
googleads.g.doubleclick.net
js.verygoodvault.com
lightboxapi1.azurewebsites.net
nvlupin.blob.core.windows.net
platform.twitter.com
profile.ngpvan.com
script.hotjar.com
secure.everyaction.com
secure.ngpvan.com
static.hotjar.com
staticxx.facebook.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.lightboxcdn.com
143.204.208.10
143.204.214.52
147.75.204.150
147.75.204.174
147.75.32.75
152.199.19.160
172.217.22.2
216.58.210.2
23.99.128.52
2600:9000:2057:800:12:303c:8700:21
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::6819:7824
2606:4700::6810:4fa5
2606:4700::6810:51a5
2a00:1450:4001:819::2008
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:821::200a
2a00:1450:4001:825::200e
2a00:1450:400c:c06::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
40.114.13.25
45.60.33.183
51.140.6.23
52.239.157.138
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
09c09240791dd7620b5353be9461a38903e62d4f3a9c877480eb286f312ac87b
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
100f3b6608c2d06b44006e5bf6624c7e274a7a4fa2f9ceba1640a14409e8fa52
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
1ea98199c0cd8511cfe5a02bb293b6731b48cc67f16bc7787b89cab39a7666de
1f34b8767a40c9c087c13b6b2b3747a1b45d6d25fafe93e8364fe68fa4d58a77
205338343ea6e51032370ab86baf04c802386f1bf17ad01bd7796bd985a51c9c
222ccd47edcba35fa954ad1ce6e7a9d58b3c80de3636153cdd2969207c47ad65
38896119b5b0007bd7b5066e7c4825ed18a0a741890546619445250cdf4efadc
3b28a3112a58e0fbe982ba98e98ef9eddd734aea7c4ec88e3b00427a9fcff96d
411122d14adc4bc002b891888c499170fed6159ad31ebf2474abc79fe71aadb2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46779e3cad2b91e0d18dacc02663720d2ad84c9546508c7df89dc89f706dac79
54d4b8a866acc1a3a604f33d242d08895e7be0ac22006e5b7671ce858dbcdc91
557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321
586da77625222bd42cdc5ca526d8c0a4b6d013d3a6326501943c1a90a9137ae1
59b12bb82f6bce4a51799b0729477cd791a337a89d9bd1d297d5325ca01915f9
5d81cd6b6b332f9c04694c999bb3cb49a555b6a5cc6b809e13a6f578d72d86e7
5f793d0ef8e7b2b0a2f5271e63c4be9cfaefcf746af1b849d353bf75e420d20d
63e779ec6d8aa4176b3ffcf1720c8bebe8dfc29c6b8da77dcb04d512faea8bdb
65acd4faaf7dc993945851860260e5807faf7f555ba9ea0f9feaa62c5163aaae
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85112008f74106bf7dc8348c58a5585b6349daa95b0508f818c9482623389958
8c88d6a0ae774f43c52a16b37d0134231b235ddf98ce9eb7f28c587c31b59d5a
8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0
aa040a993aacc3f8f644760817819c9f7eb58208002200753188c2569448683e
b3b360dc7d412894d4772b986c10a6cfdf06ad89a522135fadf757aa7434ed02
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
b73d62248328166d022859de067672f393b6497b2153b433c717e14672d49226
bad64e9f436f476fb988197ae48418be1fd5e29d33239ea3d8ed8a21f8f67d81
be06a01a728cd32b2d9ff91b4313b37389f116238c6ff25366115f0b813b269c
bee921717eaa88a5a96691b994da8dc6ee3354e71dc89a2ef618c2814ae1c3dc
ccd053017fdae8464083266bb6715aa4a011743f2e8729a23c7216a641a71b43
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163
d43836181816cab0a1fe6306719242a3d48862030061c029073ce7c81882f0c3
d9f31b61d16b7ec21217bcd0a44b504187d0e293b2e692c23e8a30532a20903e
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
dd787044f07fb551657e198707ea27bfddcf6cf53bd6e8bf5efd6322a5273cba
de71efa1fccf1dbffe5c4298e290fac612ee54a4d539294d1ddbe0b1175e2a27
e00bd8bb05098b488d5e5191c17d9e710d45da7b4425656d3aaefdf40485f07f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c748051af1fdbb5dc0387216bda0c18ad35c116f6245dbc4ff3119bf734087
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1106d00331995db22eee14181b1510b7ec3b7e780e0e4fa6827c66aaa2a99b4
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc